Armor,

Making Cloud Security Simple.

I want to learn more about __________

We Protect

Armor’s threat prevention and response platform blocks 99.999% of security events, they never even get close to your network’s perimeter.

We Detect

The industry average is 125 days to detect and eliminate a threat.
Armor’s average? Less than a day.

We Respond

Most cloud security companies stop at sending an alert. At Armor, we stop at eradication.

Armor Management Portal

AMP up your Security

  • Unified Visibility and Control
    All security alerts across the host, network, and application layers of your on-prem, hybrid, private, and public cloud environments aggregated and correlated for you in easy to understand security insights and remediation actions. Reduce alert fatigue, remediate true security incidents, and maintain a proactive security posture with Armor, so you can focus on what really matters, growing your business. Learn More
  • 2 Minute Security Protections, Any OS
    Easily deploy host-based security and compliance controls for every workload in your environment. Use Armor within your CI/CD pipeline to deploy security proactively with every workload. Developers like to move fast and innovate, using the cloud to their advantage. With Armor you can ensure your developers enjoy the benefits of elasticity, scale, and cost in the cloud while staying secure and compliant. Learn More
  • Robust Log and Data Management
    Data is the lifeblood of today's digital era. Your data is often the path to uncovering vulnerabilities in your cloud environment, creating an audit trail of employee actions to ensure security policies are being followed, and finding the trail of a hacker in an incident forensics and response investigation. Use Armor's robust log management capabilities to capture security logs from your environment, PaaS, application, and security appliance logs. Retain logs to meet HIPAA and PCI mandates. Learn More

A Simple Solution to Complex Security Problems

1.011T+
events analyzed per month and growing

99.999%
of security threats blocked
 

6000+
priority incidents conducted annually

Community insights from
1,200+
customers globally

0
hardware appliances deployed

0.71 day
dwell time versus 100+ days industry average

100%
audits pass rate
 

286%
ROI over 3 years with payback in 4 months

What Goes Into Simplifying Cloud Security

ARMOR’S THREAT PREVENTION AND RESPONSE IN ACTION

COMMUNITY-POWERED INSIGHTS

Leverage the collective knowledge of more than 1,200 client environments.

ADVANCED ANALYTICS & CORRELATION

Discover anomalies and patterns across your security ecosystem.

Threat Intelligence

Apply intelligence and context to better understand the threat.

Continuous Threat Hunting

Uncover targeted threat indicators and potential threat actors operating within your environment.

Orchestration

Playbooks accelerate response and automate repetitive tasks and workflows.

FORENSIC RESEARCH & INVESTIGATION

Consolidated and intuitive search, analysis and investigation of events.

BREACH RECOVERY

Ensure data protection and availability of workloads.

Brand Reputation

Extend security beyond your network boundaries by monitoring the dark web for threat activity against your company.

CONTINUOUS RESPONSE

Respond and resolve security threats faster across cloud workloads, on premises, and hybrid IT environments.

Armor Events

Thought leadership and unique experiences presented by Armor

Armor educates, entertains and engages with the community through a variety of events. Join for a speaking session, stop by our exhibitor table, or tune in to one of Armor’s webinars to witness our security experts in action.

Events

Apr 172019

Webinar | At the Gates of the Cloud: The Mindset of Small & Medium-Sized Enterprises

Rachel Chism Image

Rachel Chism

Apr 22019

Benefits of Multifactor Authentication

| Director of Product Marketing

With the continued rise of cyberincidents over the past decade, it’s apparent that hacking has become big business for cybercriminals. This has led to significant financial loss for consumers and enterprises that have fallen victim to data breaches. While there’s no silver bullet to data security in today’s increasingly sophisticated threat landscape, it also shouldn’t […]

Ryan Smith

Director of Product Marketing

With 10 years of experience, Ryan Smith serves as Director of Product Marketing at Armor; he is passionate about telling stories about how companies are achieving security and compliance in the cloud. Ryan regularly speaks nationwide at conferences, user groups, and special events on the topics of cloud security, compliance – PCI, HIPAA, and GDPR, and developing secure cloud architectures. Previously, he served as a Sr. Product Manager focused on bringing Armor Anywhere (a managed, scalable security solution that protect virtual machine instances hosted on public, private, hybrid or on-premise cloud environments) and its future iterations to market; he also has been an integral part of developing Armor’s compliance matrix mappings and the industry defining cloud adoption framework for HIPAA compliance. At prior companies, he served as the Founder, Head of Product or Marketing Manager for various SaaS businesses. Ryan holds a PhD in Mass Media and Communication Studies from European Graduate School.

Armor Blog

CYBER SECURITY & THREAT INTELLIGENCE FROM THE EXPERTS AT ARMOR

Every week, the Armor blog provides analysis, thought leadership and actionable insights for a variety of cloud security topics and news. Our experts keep you informed and ready for cyber threats as they emerge. Stay tuned, and secure.

#####EOF##### Secure Your Data from Spectre CPU Vulnerability - Armor

Updates to occur when as new information becomes available.

Armor-Specific Notes

Armor client utilizes Trend DeepSecurity for antivirus. We advise that Windows systems wait until the latest version of the DeepSecurity patch is installed for maximum effectiveness. Linux systems can patch at any time.

Weekend Updates

IMPORTANT: Those with encryption software installed on their system should check with the encryption vendor to ensure compatibility before installing any operating system patches, or significant data loss and/or downtime can occur.

Overview 

The announcement of critical flaws in processors produced by major CPU manufacturers sent shockwaves through the industry this week.  Researchers have now confirmed there are three variants of CPU vulnerabilities named Meltdown (variant 3) and Spectre (variant 1&2).  The vulnerabilities could potentially allow threat actors to access sensitive data in protected memory by bypassing critical security controls. 

The Spectre vulnerability is present in numerous variants of Intel, AMD and ARM processors.  This in turn affects systems running on the affected processors.  Spectre was discovered by Project Zero and independent researcher Paul Kocher.  While the Meltdown flaw involves using speculative execution to perform rogue data cache loading, Spectre revolves around bypassing bounds checks and branch target injection.  

Microsoft released patches yesterday to plug Meltdown and protect against certain use-cases of Spectre for many supported Operating Systems, but other Windows systems will need to wait until Patch Tuesday.  

Since Spectre represents a class of attacks rather than a single type of attack, one or two patches can’t protect against all use-cases.  While work is being done to protect against known use-cases of the vulnerability, even the original website devoted to Spectre and Meltdown clarified that: “As [Spectre] is not easy to fix, it will haunt us for a long time”.  

Below information is specific to Spectre, see the Meltdown FAQ for information related to Meltdown 

Meltdown breaks the mechanism that prevents an application from accessing system memory.  As a result, applications can access protected memory.  Spectre tricks applications into accessing arbitrary locations in their memory. 

The vulnerabilities could potentially allow threat actors to access sensitive data such as passwords and credit card information that is stored in memory. 

There have not been any POCs tested against antivirus products to provide definitively on whether any protection will be offered.  

There are no known exploits being used in the wild at this time, but at least one proof of concept has been released.   

Almost all processors are affected by this vulnerability across multiple platforms including desktops, laptops, servers and mobile devices. Per Apple, the Apple Watch is not susceptible to Spectre vulnerabilities.

At this point, it appears that any Operating System running on top of the affected CPUs is affected by this vulnerability.  

Multiple vendors have released advisories and patches for this issue.  US-CERT is maintaining a list of available vendor notifications. 

  • Implementing vendor patches will likely have an impact on the performance of your systems, though the performance hit will vary based on the operating system and work load of each system.
  • AMD has stated that one of the two variants does not affect their processors, and patches to mitigate the other Spectre vulnerability should not affect system performance.

Many antivirus programs are preventing the installation of the patch.  If you experience problems installing updates to your Operating System, check with your antivirus vendor for instructions. 

Intel revealed that they are close to having fixes for the majority of their affected processors released in the past 5 years, making those PCs and servers “immune” from both Spectre and Meltdown vulnerabilities. 

As Intel has not released any information on the impending update, performance impact is not known at this time.  

All of the OS patches for Spectre are simply mitigations that make the vulnerabilities more difficult to exploit. Firmware patches for the affected processors are a better solution.  Ultimately, processor manufacturers will need to update the architecture standard to eliminate the vulnerability.   

Reference CVEs:

  • CVE-2017-5715: Branch target injection (Spectre) 
  • CVE-2017-5753: Bounds check bypass (Spectre)  

We will be monitoring the issue, and will release updates as they are available.  

WHAT YOU CAN DO:

  • Inventory your network to look for vulnerable systems.  
  • Continually monitor vendor sites for patch availability for your installed Operating Systems.  
  • Test and apply patches when available.  
  • Adhere to current security best practices. 
  • Monitor/restrict the use of scripts, especially JavaScript. 
  • Be wary of vendors claiming to address security risks associated with this newly announced vulnerability.  Until Intel and the operating system developers release further details, we cannot know for sure what mitigating controls could be used to reduce or eliminate the risk.

ADDITIONAL LINKS

Patching Status Matrix
See the latest available patches for your operation system(s). This matrix will continue to be updated as patches become available.

#####EOF##### Managed Cloud Security Solutions Overview - Armor

Simplify your cloud security

Secure your organization’s applications and data in the cloud with Armor’s security-as-a-service

Assuming traditional IT infrastructures will meet future needs is risky. As the digitization of business operations continues to accelerate, it is IT’s role to introduce new technologies and capabilities that can support this transformation. Today’s organizations need cybersecurity products that can grow with them—ensuring data is secure and compliant now and in the future.

The solution? Look to the cloud.

Cloud technology offers agility, scalability, and flexibility; fundamental requirements to manage IT demands. Whether building a new environment or migrating an existing one, there are many things to consider: a solid security posture, compliance with regulatory frameworks, and (for established organizations) a substantial investment in legacy operations, among others. These are all valid reasons to think carefully about your cloud journey—what it will be and when.

Wherever you are on that path, Armor can meet you there and secure your journey today to ensure that you are ready for tomorrow. From your on-premise environment to public, private, or hybrid clouds—in any combination.

Hi. We’re Armor. Welcome to the cloud.

Armor Anywhere Datasheet

Armor Anywhere is a cloud-delivered SECaaS platform. It strengthens and unifies your on-premise, public, private, and hybrid cloud environments in minutes, protecting your cloud workloads wherever they are.

Armor Complete Datasheet

Armor Complete, our secure cloud-hosting platform, doesn’t sacrifice agility for security—it delivers both. An infrastructure-as-a-service (IaaS) solution, Armor Complete provides your business with real-time, on-demand cloud services that are secure from day one.

Armor Anywhere logo

SECURITY-AS-A-SERVICE

Making Cloud Security Simple. Anytime. Anywhere.
FOR AWS • AZURE • GOOGLE • HYBRID & PRIVATE CLOUDS

Armor Anywhere scales security to public, private, and hybrid cloud environments, or you can use it on-premise, deploying it on your own infrastructure in less than 2 minutes. Armor Anywhere makes security simple for our clients by handling the day-to-day issues of managing a cybersecurity team and all the technology and tools they need to be effective.

The Armor Anywhere agent will prepare your IT infrastructure for any attacks through security defenses that enable you to prevent, detect, and respond to cyberthreats in real time—at a fraction of the cost of traditional solutions.

Secures public, private, & hybrid clouds, as well as on-premise environments

Provides 24/7/365 prevention, detection & response

Deploys in under 2 minutes, protecting your cloud workloads in less time than it takes to read the manual

Unleashes active threat hunting

Conducts incident response & forensics (IRF)

Armor Complete Logo

SECURE HOSTING SERVICE

Secure Cloud Hosting. Managed Security. Audit-Ready Compliance.

Armor Complete is our secure hosting solution. It is a virtual private cloud (VPC) with built-in security controls that provides the industry’s leading prevention, detection, and response services—keeping your sensitive, regulated data safe and secure. Armor Complete is cybersecurity that goes beyond alerting—beyond compliance—providing 24/7/365 security and support.

Integrated Intelligence, Security & Response

Provides 24/7/365 managed security & support

Meets PCI & HIPAA/HITRUST compliance requirements

Uses high-performance & redundant architecture

WHY USE ARMOR

CHECK OUT WHY CUSTOMERS TRUST ARMOR FOR THREAT DETECTION, INCIDENT RESPONSE, AND COMPLIANCE MANAGEMENT.

#####EOF##### Managed Security-as-a-Service Solution - Armor Anywhere
Armor Anywhere logo

Armor Anywhere: Making Cloud Security Simple. Anytime. Anywhere.

Armor Anywhere is a managed SECaaS platform. It strengthens and unifies your on-premise, public, private, and hybrid cloud environments. Armor makes security simple for our clients by managing the day-to-day issues of running a cybersecurity team and all the technology and tools they need to be effective. The Armor Anywhere agent will prepare your IT infrastructure for any attacks through security defenses that enable you to prevent, detect, and respond to cyberthreats in real-time—at a fraction of the cost of traditional solutions.

Armor Anywhere not only provides cost savings, but it saves time as well. In under two minutes you can be protected by the Armor suite of technology tools and security controls—backed by a security operations center (SOC) that keeps watch over your systems 24/7/365.

The people of the Armor SOC have years of experience in cybersecurity, many trained and entrusted to protect government and civilian data, workloads, and security. The Threat Resistance Unit (TRU), a part of the SOC, is our internal threat hunting team that seeks cyberthreats inside and out of Armor’s cloud infrastructure and its clients’ other IT environments. Working closely with outside groups they help end virus and malware epidemics; create signatures and countermeasures, applying them cross-platform; and help Armor clients, the cybersecurity community, and ultimately anyone who uses the internet (basically, the world).

Data Sheets

Armor Anywhere Technical Solution Brief

Armor Anywhere delivers a managed security-as-a-service that fortifies and unifies your on-premise, cloud and hybrid IT security defenses.

admin Image

admin

ARMOR ANYWHERE IS END-TO-END CYBERSECURITY—SIMPLIFY YOUR SECURITY AND YOUR LIFE:

  • Unified protection and visibility—Armor Anywhere provides cybersecurity management through our threat prevention and response platform, which is powered by our experts in the Armor SOC, including the Threat Resistance Unit team. Keep track of your security measures and countermeasures, view analytics, and run reports through the Armor management portal (AMP), which offers single-pane-of-glass visibility across all your architectures, whether on-premise or in the cloud.
  • Continuous Detection and Response—The SOC teams work together to ensure our database is continuously updated with the latest cyberthreats—viruses, malware, phishing scams, cryptojacking and mining software, etc.—regularly improving our white- and blacklists, as well as providing end-to-end prevention, detection, and response services to our clients. We don’t just alert you to a problem—we stick with you to the end. Our SOC and Threat Resistance Unit ensure your environment is free of invaders by eradicating existing ones, while implementing countermeasures to defend against future attacks.
  • Audit Ready Compliance—Provides audit-ready compliance for PCI DSS, HIPAA and HITRUST CSF, and GDPR. You have access to time-tested compliance experts 24/7/365
  • Swift and Scalable Deployment—Once the Armor Anywhere agent is deployed, your environment is fully protected in under two minutes. Armor Anywhere is designed to protect your on-premise IT environment, as well as any workloads stored in public, private, and hybrid cloud environments.

Why DevOps Loves Armor Anywhere

  • Cloud-delivered
  • Scales with the environment
  • Supports public, private, and hybrid cloud architectures, as well as on-premise environments
  • Delivers audit-ready compliance
  • Migration-friendly

Armor Anywhere: What does it do?

Thanks for asking! Armor Anywhere provides:

INTRUSION DETECTION

With visibility to inbound and outbound activity at the host, Armor inspects anomalous traffic against predefined policies – detecting attacks like generic SQL injections, generic XSS attacks, DoS and generic web app effects. This service provides an agent-based Intrusion Detection System on the installed host for network traffic analysis and reporting based around policies defined by Armor.

File Integrity Monitoring

FIM is designed to monitor critical system file locations and alert you when your files have changed. It also monitors critical operating system (OS) files for changes that may allow threat actors to control your environment. FIM uses OS-specific policies and provides Armor with log visibility to assist in reviewing security events.

Vulnerability Scanning

Armor scans for potential points of risk to help reduce the surface area of attack. Weekly scheduled scans provide you a visible audit report to identify the vulnerabilities that attackers could use to penetrate your network, so you can develop your remediation plan.

Patch Monitoring

Patch Monitoring provides visibility into your environment to identify critical OS-level patches for resolution. Armor provides visibility into your environment running the Armor Anywhere agent, so you can ensure your OS is consistently up to date.

Malware Protection

Armor protects your environment from harmful malware and botnets deployed to capture your data, monitor your activity or leverage your servers for illicit activity. In the event an alert is created, Armor’s threat analysts begin an in-depth investigation. Armor uses an enterprise-class malware protection application and deploys the application agent within the Armor Anywhere agent.

LOG MANAGEMENT

Log Management captures and documents, analyzes and reports on log events from firewalls, servers, OS logs, and other applications to determine their validity and severity. Customers can view 30 days of logs in AMP and store up to 13 months of log events consistent with applicable regulatory requirements.

CONTINUOUS THREAT HUNTING

Proactive hunting within our data lake identifies threat actor activity not alerted to by our SIEM leveraging the research and expertise of Armor’s Threat Resistance Unit team as well as threat intelligence derived from a variety of sources.

BRAND AND REPUTATION MONITORING (DTB/IPRM)

Monitors public and deep and dark webs for threat activity against our Armor customer base using a mix of automation and targeted threat research.

THE SHARED SECURITY RESPONSIBILITY MODEL

Shared responsibility is key to ensuring your cloud workloads are protected from cybercriminals and their attacks. Listen to me now and hear me later (or listen now and hear me now and later—just make sure you hear me) this is incredibly important: You cannot rely solely on your cloud providers’ (i.e., Amazon Web Services (AWS), Microsoft Azure, Google Cloud Platform) native security controls. All public cloud providers operate under the shared responsibility model, which means that you are responsible for supplementing the providers’ cloud native security controls with a layer of external security controls. We are highlighting this because a recent social media poll we conducted, #ArmorU, showed an alarming number of respondents 47% were woefully uninformed about shared responsibility and, therefore, leaving themselves vulnerable to potential breaches and data theft.

Don’t panic! Just pick up the phone and call us, hop on our chat program, send an email—we even accept post by carrier pigeon (just like Mike Tyson).

Armor Anywhere provides the additional layer of security each cloud providers’ shared responsibility model requires (and then some), while simplifying cloud deployments and security control management. We even ensure you have access to the SOC 24/7/365—real people—who move past alerting to help you contain and remediate any threat actors in your environment or attempting to breach your defenses.

Data Sheets

Armor Anywhere: Shared Responsibility

Armor Anywhere makes it easy to balance security, cost-effectiveness and cloud accessibility.

Shared Responsibility Is Your Responsibility

Each cloud provider has different requirements regarding the shared responsibility model and Armor Anywhere can get you there; we work as partners with the large cloud providers. The following datasheets detail the nuances of meeting each platform’s (and your) cybersecurity needs.

Amazon Web Services (AWS)

Microsoft Azure

Google Cloud Platform

Armor Anywhere—Powered by our threat prevention and response platform

Wait, What Is A Platform?

At Armor, and in the broader technology industry, when we say “platform,” “our platform,” or “powered by a platform,” we don’t mean a physical entity, a stage—it is simply a metaphor to describe all the people, processes, tools, and technology that make up Armor’s solutions and empower them to protect our clients. So, when we talk about the Armor platform, we are talking about the following, and more:

  • People—SOC members, Threat Resistance Unit team, any employees that deal with the threat prevention and response part of our business
  • Tools and Technology—dynamic threat blocking (DTB), our IP reputation management service (IPRM), including blacklists and whitelists; log management; vulnerability scanning; malware detection and blocking; intrusion detection and prevention services (IDS/IPS)—both NIDS (network layer) and HIDS (host layer); etc.
  • Services—Threat hunting, 24/7/365 access to our SOC, incident response and forensics (IRF), business continuity and disaster discovery (BC/DR),

 

Spartan—The Armor Platform

Now that you know a little bit more about the meaning of platform in a tech context, we’d like to give you a visual description to help you understand exactly how all those things tie together to protect your sensitive data and workloads—whether on-premise or in any form of cloud architecture. The graphic below shows how the Armor platform works. You can also visit the Spartan page for more detailed information on how each component works together to provide 24/7/365 protection for your workloads.

Traditional MSSP vs Armor Offerings

CapabilitiesTraditional MSSPArmor Anywhere
TechnologyAppliance/HardwareCloud-delivered Agent/No Hardware
Ease of Implementation (DevOps-ready)Average 45 days<2 minutes
Protection, Detection, and ResponseAlerting ONLY99.999% Threats Blocked, Response Included
Average Time to Detect and Eliminate Threats99 Days1 Day
Visibility & Threat Management-Environments (On-Premise, Cloud, and Hybrid)On-Premise Only✓
Audit-Ready Compliance (HIPAA, HITRUST, PCI, GDPR)No✓
Pay for only what you useFixed, Contract✓
PatchingClient Owns✓

ARMOR MANAGEMENT PORTAL

The Armor Management Portal (AMP) provides you with a single-pane-of-glass visibility into your security program providing real-time visibility and management of your security controls.

Security Metrics to Benchmark Your Success
Integrated within AMP, the Security Analytics dashboard delivers real-time visibility powered by advanced correlation and analytics to help you make smarter decisions.

Angled screenshot of Armor Security Dashboard
#####EOF##### Global Armor Guardian Partner Program - Armor

The Global Armor Guardian Partner Program

Solve your customers’ cloud security challenges by joining the Global Armor Guardian Partner Program.

Why Partner with Armor?

  • Single point of value: Find the perfect blend of cloud security, value and performance – managed by a team of proven security professionals.
  • Add to your sales arsenal: Cloud security solutions you can add to current opportunities.
  • Emerging opportunity: Entry into the growing cloud- and SaaS-based technology market.
  • Personalized support: Enhance your sales cycle with support from Armor cloud experts.
  • Shared marketing resources: leverage marketing support and training during sales engagements

Armor partners have access to deal registration, rich incentives and the Armor partner community as well as marketing and training support. Combined with our expertise as a born-in-the-cloud cyber security services provider, these benefits will help you effectively sell to security-conscious, cloud-ready customers.

Join the Armor Guardian Partner Program

The same security and responsibility that we bring to the secure managed cloud are exemplified in the relationships with our partner programs. So, how can we help the world — together?

Join Now

Partner Types

The Armor Partner Program was created to meet the unique needs of different partner types. These types are divided into five different categories and designed to maximize the return of our collaborative efforts.

Business growth, accelerated with Armor

Enhance your own offerings by leveraging Armor’s cloud security solutions. As a Managed Service Provider, you can increase margins with additional benefits that scale with your business.

Benefits include:

  • Unique tools for central management and self-provisioning
  • Security and cloud solutions that eliminate costly installation and setup work.

Expand your sales arsenal with cloud security

Add solutions from Armor to your portfolio of customer product offerings.

Benefits include:

  • Enhance your revenue potential with a host of discounts, sales tools, business leads and marketing opportunities
  • Streamline your sales cycle

Expanding business opportunity

Are you a SaaS company who wants the most secure and compliant cloud environment to offer your customers? Differentiate yourself in the market today with the world class Secured by Armor offerings. This Armor partner category is best suited for SaaS organizations seeking the most secure and compliant cloud environment for their customers.

Benefits include:

  • Refer your qualified mid-market and enterprise customers and/or partners to Armor
  • Receive financial compensation for new business

Expanding business opportunity

Are you a SaaS company or an ISV who wants the most secure and compliant cloud environment to offer your customers?  Many customers are not ready to go “all-in” with the cloud.

Benefits include:

  • Differentiate yourself in the market today with the world class Secured by Armor offerings for a hybrid environment solution.
  • Showcase yourself as the innovative and forward thinking partner your customers want to work with.

Improve efficiency, reduce costs and optimize security

Armor is dedicated to working with the top technology companies and cloud providers in the industry. Find out more about what we are doing today with partners such as Microsoft, Amazon, VMware and Trend Micro.

Benefits of the Armor Guardian Partner Program

Armor partners can leverage our security expertise when selling to potential customers.

Partner benefits include:

  • Deal registration and sales incentives
  • Dedicated partner manager
  • Dedicated partner marketing manager
  • Marketing development funds (MDF)
  • Armor Partner Portal access
  • Access to customizable marketing materials and sales collateral

Associate your brand with Armor’s cyber security expertise through marketing and awareness tools, events, PR, training and more.

Gov UK Logo

Armor is approved to sell solutions through the G-Cloud 9 Digital Marketplace. UK public sector entities can receive PCI DSS-compliant managed security with, enhanced threat intelligence, automated security orchestration and machine learning managed by an elite military-trained security operations center (SOC).

Learn more about our G-Cloud 9-approved security solutions in the G-Cloud 9 Digital Marketplace.

FlexManage engages partners with the acumen and experience to help us meet the complex IT needs of our customer base – of which security is among the chief concerns. Armor’s proven solutions and threat intelligence expertise protects critical information without compromising business performance or productivity. This allows us to offer significant advantages to the market.

Lee Hovermale, Chief Executive Officer at FlexManage
#####EOF##### Secure Cloud Hosting - Armor Complete
Armor Complete Logo

Embrace the cloud with Armor Complete

Yes, cybersecurity is complex. Yes, compliance is also complex. Yes, there is a solution that makes managing both feel simple. Yes, it is Armor Complete.

Armor Complete is our secure hosting solution. It is a virtual private cloud (VPC) with built-in security controls that provides the industry’s leading prevention, detection, and response services—keeping your sensitive, regulated data safe and secure. Armor Complete is cybersecurity that goes beyond alerting—beyond compliance—blocking 99.999% of all malicious security events; holding a 4% false positive rate in an industry that considers 30-40% exceptional; and reducing threat actors’ dwell time from days (industry average) to minutes.

How do we do it? It’s a combination of things, including people, passion, creativity, tools, technology, smarts, humor, caffeine, and experience—among others. We tested software, hardware, solutions, tools, people, processes—all the things there are to test when building an environment so secure that regulatory compliance was an outcome, not a goal. We did all that so our clients wouldn’t have to—that’s how we make cloud security simple.

Data Sheets

Armor Complete – Technical Solution Brief

Download the Armor Complete Technical Solution Brief for an overview of Armor Complete’s security capabilities, add-ons, shared responsibility operating model, and details about the Spartan threat prevention and response platform and the Armor Management Portal.

Amy Bakameyer Image

Amy Bakameyer

A CLOUD SO SECURE, COMPLIANCE COMES NATURALLY

ARMOR COMPLETE, MAKING COMPLIANCE SIMPLE

Armor Complete actively reduces your security and compliance burden by providing the highest level of managed security for your customers’ data. Our uncompromised security approach enables you to more easily meet HIPAA/HITRUST, PCI DSS, and GDPR cloud compliance requirements.

With nearly a decade of hosting compliance-driven applications, we have built an audit-friendly reputation that simplifies compliance.

Components of everything from the datacenter to the application layer are protected by Armor’s uncompromised security approach. Leveraging Armor’s experience enables your business to achieve the highest level of compliance more easily, for less cost and with less management overhead than doing it yourself.

ACHIEVE COMPLIANCE WITH ARMOR COMPLETE:

  • Physical Security
  • Application Security
  • Server Security
  • Data Backup
  • Security Audits
  • Data Management
  • Perimeter Security
  • Network Security
  • Administrative Security
  • Secure Data Deletion
  • Access Control
  • Incident Response (IR)
Data Sheets

Compliance Matrix – Armor Complete

Review Armor Complete’s logical breakdown of security controls and how they map to respective compliance requirements.

IDEAL FOR DEVOPS ORGANIZATIONS AND SAAS PROVIDERS

FLEXIBLE AND AGILE
Self-provision servers, IPs, firewall rules and more.

Learn More

EXTENSIVE API LIBRARY
Automate your cloud with Armor’s RESTful HTTP API.

Learn More

DELIVERING SECURITY, COMPLIANCE, SUPPORT, & PERFORMANCE

You know how star athletes and musicians; prize-winning academics or celebrity chefs make hard things look so easy? Don’t believe it; it’s not. That’s why we want to slow your DIY roll and tell you about Armor Complete, a solution that provides complex cybersecurity and compliance management—but makes it look and feel simple.

Multilayered Cloud Security

Armor Complete provides secure hosting through multiple cybersecurity layers—providing 24/7/365 managed security and service that protects your critical data and workloads from cyberthreats and criminals. The following components of our industry-leading infrastructure and integrated security layers helps organizations reduce threat actor dwell time to near zero.

BRAND AND REPUTATION MONITORING (DTB/IPRM)

Monitors public and deep and dark webs for threat activity against our Armor client base using a mix of automation and targeted threat research.

DENIAL OF SERVICE/DISTRIBUTED DENIAL OF SERVICE (DOS/DDOS) MITIGATION SERVICES

DoS protection is provided at every datacenter location. Once a DoS attack is detected, Armor’s security team directs traffic through a series of filters effectively mitigating the threat.

FILE INTEGRITY MONITORING (FIM)

FIM is designed to monitor critical system file locations and alert you when your files have changed. It also monitors critical operating system (OS) files for changes that may allow threat actors to control your environment. FIM uses OS-specific policies and provides Armor with log visibility to assist in reviewing security events.

INTRUSION DETECTION (IDS)

With visibility to inbound and outbound activity at the host, Armor inspects anomalous traffic against predefined policies—detecting attacks like generic SQL injections, generic XSS attacks, DoS, and generic web app attacks. This service provides an agent-based IDS on the installed host for network traffic analysis and reporting based around policies defined by Armor.

LOG MANAGEMENT

Log management captures and documents, analyzes and reports on log events from firewalls, servers, OS logs, and other applications to determine their validity and severity. Customers can view 30 days of logs in the Armor management portal (AMP) and store up to 13 months of log events consistent with applicable regulatory requirements.

MALWARE PROTECTION

Armor protects your environment from harmful malware and botnets deployed to capture your data, monitor your activity or leverage your servers for illicit activity. In the event an alert is created, Armor’s threat analysts begin an in-depth investigation. Armor uses an enterprise-class malware protection application and deploys the application agent within the Armor Complete agent.

PATCH MONITORING

Patch monitoring provides visibility into your environment to identify critical OS-level patches for resolution. Armor provides visibility into your environment running the Armor Complete agent, so you can ensure your OS is consistently up to date.

THREAT HUNTING

Proactive threat hunting within our data lake identifies threat actor activity not alerted to by our security incident and event management (SIEM) leveraging the research and expertise of the Threat Resistance Unit (TRU), as well as threat intelligence derived from a variety of sources.

VULNERABILITY SCANNING

Armor scans for potential points of risk to help reduce the surface area of attack. Weekly scheduled scans provide you a visible audit report to identify the vulnerabilities that attackers could use to penetrate your network, so you can develop your remediation plan.

Web Application Firewall (WAF)

WAF provides protection from layer-7 oriented attacks targeted toward customer applications.

Get Pricing Request Demo

24/7/365 Customer Support & Solutions

Armor Complete customers have all the access—from hosting management to insightful security discussions and effective incident response (IR)—we start at onboarding and just don’t stop, ever:

  • Access to consultative and certified engineers
  • Compliance specialists on staff
  • Accredited SOC
  • Incident monitoring and proactive response
  • Security policies, reporting, and monitoring
  • Network and information security
  • Flexible support channels: ticket, phone, and chat
  • Client portal with self-service hosting, security management, and support ticketing
  • Managed operating systems, hardened to the highest standards
  • SSL VPN access with two-factor authentication
  • Backup and recovery

ARMOR COMPLETE: EMPOWERING CLOUD PERFORMANCE

NATIVE PERFORMANCE CAPABILITIES FOR AN AGILE, SCALABLE, AND DEVOPS-READY CLOUD

Armor Complete is managed for performance. We don’t oversubscribe; we over-deliver network, compute, and storage performance. It’s simple math: fewer clients sharing the same resources result in higher performance for each client.

  • HIGH-AVAILABILITY ARCHITECTURE—Fully redundant architecture provides quick recovery from hardware failures
  • FLEXIBLE STORAGE TIERS—From high performance to low cost, our three storage tiers meet every need
  • VERTICAL SCALABILITY—Increase processors, memory, and storage resources through the client portal or API
  • GEOGRAPHIC REDUNDANCY—Domain name service (DNS) hosting options help multi-national customers achieve better continuity
    and speed
  • HORIZONTAL SCALABILITY—Mitigate single points of failure and infinitely scale performance by load balancing servers
  • RESOURCE MONITORING—We closely monitor our resources to ensure we consistently deliver on our promise of speed

HOW DO YOU COMPARE CLOUD POWER?

Cloud oversubscription is the ratio of virtual server resources to physical server (host) resources. For example, a physical host (the bare metal host) equipped with two processor sockets of 12 cores each has a capacity of 24 physical CPUs (or pCPUs). However, your cloud provider may provision as many virtual CPUs (vCPUs) on that host as they wish. This performance variability stems from the fact that different cloud providers operate at different levels of oversubscription—further complicating the process of comparing clouds.

VIRTUAL PRIVATE CLOUD

WE DON’T BUILD YOU A SERVER, WE BUILD YOU A FORTRESS

ARMOR COMPLETE – HOW IT WORKS
Armor Complete is built on the powerful and proven VMWare NSX platform, the network virtualization and security platform for the Software-Defined Data Center (SDDC). Every Armor Complete customer receives their own virtual private cloud; within that environment, IP addresses are private, as part of our zero-trust architecture. The operating system running your cloud servers is hardened following industry and proprietary best practices.

ARMOR AGENT
The Armor agent leverages best-of-breed security capabilities to secure your environment. Armor Complete is powered by Spartan, the industry’s leading threat prevention and response platform that outthinks and outpaces threats at the speed of cloud. Spartan integrates advanced analytics, global threat intelligence, and continuous response capabilities into a single solution that bolsters your defenses, uncovers hidden threats, and prevents security breaches. Telemetry from over 1,200 customers drives community insights.

Edge Security

Protection against External Threats ​ ​Web application firewall, IP reputation management, intrusion detection, DDoS

Private Gateway

Protection for your Environment ​ ​Firewall, private network address translation, routing

Security Agent

Protection at the Core ​ File integrity monitoring, O/S hardening, malware detection, vulnerability scanning, log management

SHARED RESPONSIBILITY

ACHEIVE UNCOMPROMISED SECURITY, TOGETHER

Armor allows you to outsource your risk by sharing the responsibility. Armor complete is purpose-built to achieve a secure and compliant posture for your data that enables your business to innovate in the cloud. Armor reduces the burden of these challenges for your organization by sharing both risk and responsibility.

Data Sheets

Armor Complete Shared Responsibility

Security and compliance is a shared responsibility between Armor and our customer.

Amy Bakameyer Image

Amy Bakameyer

Armor Management Portal

The Armor Management Portal (AMP) provides you with a single-pane-of-glass visibility into your security program providing real-time visibility and management of your security controls.

Security Metrics to Benchmark Your Success
Integrated within AMP, the Security Analytics dashboard delivers real-time visibility powered by advanced correlation and analytics to help you make smarter decisions.

Angled screenshot of Armor Security Dashboard

  • Instantly add and scale cloud resources such as virtual servers and storage
  • Make instant firewall policy changes with self-service rules
  • Manage their IP space (public and private)
  • Create and manage site-to-site (L2L) VPN tunnels
  • Control access to the environment by managing users, roles and permissions
  • Create and interact with support tickets
  • Shop for additional services such as additional IP addresses, data replication, backups, encryption and many others in
    theArmor Marketplace
  • Real-time visibility into security metrics through the Security Dashboard

WHAT MAKES ARMOR SOLUTIONS SO COMPLETE, EASY AND EFFECTIVE AGAINST TODAY'S CYBER THREAT?

The Armor Spartan threat prevention and response platform is how Armor delivers security outcomes for our customers. The Armor Spartan platform is purpose-built to leverage the agility and speed of the cloud, scaling up to drive new community insights against an ever-changing threat landscape as well as scaling out to provide unified visibility across an ever-changing IT landscape.

WANT TO TRANSFORM YOUR SECURITY?

US +1 877 262 3473 | UK +44 800 500 3167

#####EOF##### Spartan Threat Prevention and Response Platform - Armor

Spartan Threat Prevention and Response

Spartan is the IT security industry’s leading threat prevention and response platform. Armor integrates advanced analytics, global threat intelligence, and continuous response capabilities into a single platform that bolsters your defenses, uncovers hidden threats, and prevents security breaches.

Whether on-premise, cloud, or hybrid, Spartan provides your IT environment, with a proactive approach to cyberthreats. Our security operations center (SOC), including the threat resistance unit (TRU), gathers threat intelligence from the deep and dark webs, hacker forums and pastebin sites, and the hits our 1200+ customers receive daily to develop countermeasures that protect our infrastructure and your IT environment from every category of cyberthreat.

View Transcript

Armor’s Unique Perspective on the Cyberthreat Landscape

We serve 1200+ customers in 50+ industries. Due to our sample size, we have a larger and broader picture of existing and potential threats to your IT environment. All the data we gather from events filtering through Spartan’s security infrastructure is collected, analyzed, identified, and added to our database. We adjust our security controls accordingly and, through Spartan, the updated countermeasures are applied across all our customers’ environments. What helps one, helps us all.

Spartan: Threat Intelligence for the Greater Good

1.011T+
events analyzed per month and growing

99.999%
of security threats blocked
 

6000+
priority incidents conducted annually

Community insights from
1,200+
customers globally

0
hardware appliances deployed
 

<1 day
dwell time versus 100+ days industry average

286%
ROI over 3 years with payback in 4 months

Spartan Platform Features

Threat Prevention, Detection, & Response in Action

Crowdsourced Threat Intelligence

Data from our 1200+ customers is used to improve Spartan’s defenses for all. Anything we learn is applied to developing threat intelligence and countermeasures that are applied across the platform, preventing future incidents and improving detection.

Advanced Analytics & Correlation

Spartan analyzes all collected data and correlates it with any event data gathered by other security tools under our management, looking for anomalies or patterns that might indicate a threat or an intrusion.

Threat intelligence

Spartan’s security tools are continuously improving, fed by the ongoing aggregation of threat intelligence, which is applied across the platform and prevents future threats from gaining access to your IT environment.

Continuous Threat Hunting

Billions of events pass through Spartan’s security controls monthly and are categorized as known good, known bad, or suspicious. Suspicious events are assumed malicious and investigated by our security experts.

Orchestration

Threat response is accelerated by automated playbooks that run repetitive tasks and workflows.

Forensic Research & Investigation

We are with you from start to finish. Forensic investigation of security incidents is a standard part of our operations. If you require a third-party for compliance reasons, we will help you find them.

Brand & Reputation Monitoring

Armor security experts not only monitor what happens in your network, they scan the dark web for threat activity against your company.

Continuous Response

You are not alone—Armor’s response does not stop at alerting. The SOC works with you to respond and resolve threats faster across cloud, on-premise, and hybrid IT environments to ensure up-time and availability.

Managed Security Service Provider (MSSP) Offerings

Traditional MSSPArmor
Siloed Security & Technology SprawlUnified Visiblity & Control for Any Environment
Security That Impedes Business InnovationSecurity That Accelerates Go-to-Market
Reactive Security Posture—Alerting ONLYProactive Security Posture—Alert, Respond & Resolve
Lengthy Compliance ProcessSimplified, Continuous Audit-Ready Compliance
Growing Skills GapSecurity Expertise On-Demand
Fixed/Contractual PricingFlexible/Pay As You Go
Dwell Time Average of 100+ DaysDwell Time Average of 1.2 Days

Protect Your Data without Slowing Your Business

Security Services Built For The Cloud

Our goal is to simplify your business, not complicate it. We know that security is not often equated with speedy, but we’re here to change that. Spartan was built with speed in mind, as well as agility, flexibility, and resilience—you’re welcome, DevOps.

Infographics

Armor Spartan Platform

The Armor Spartan platform is designed specifically to defend cloud workloads and hybrid IT, resulting in improved protection, faster response times and enhanced visibility across all your environments.

admin Image

admin

ARE YOU READY?

Transform your security to operate at the speed of your business

#####EOF##### Protect Your Cloud Data Against Petya Ransomware - Armor

A ransomware dubbed Petya has been rapidly spreading throughout Europe, infecting airlines, financial institutions and utilities. The Petya ransomware, also known as Petrwrap, has been around since 2016. It initially targeted HR departments with phishing emails containing links to a DropBox with a tainted resume file. It has recently been upgraded to allow it to spread using EternalBlue, the Windows SMB exploit released by The Shadow Brokers and the same attack vector used by the WannaCry ransomware.

Even though this may look like a WannaCry copycat, Armor’s Security Operations team believes it has the potential to be far more devastating. Unlike WannaCry, Petya goes beyond just encrypting the files and actually modifies the Master Boot Record of the machine. This renders the affected computer unable to boot. Instead, it displays a phony check disk operation while the malware is encrypting the master file table. Without the master file table to reference, the operating system is unable to access the files. Microsoft now has evidence that the ransomware initially started from the legitimate MEDoc updater process – a dangerous trend involving software supply chain attacks. With this lateral movement capability, Petya only takes a single infected machine to affect a network.

The ransomware spreading functionality is composed of multiple methods responsible for:

  • Stealing credentials or re-using existing active sessions
  • Using file-shares to transfer the malicious file across machines on the same network
  • Using existing legitimate functionalities to execute the payload or abusing SMB vulnerabilities for unpatched machines

Since Petya utilizes the same exploit as WannaCry, our proactive security measures remain the same. Learn more in our ransomware response kit.

Recommendations

Related IPs:

  • 165.29[.]78
  • 200.16[.]242
  • 90.139[.]247
  • 141.115[.]108

Related Domains: COFFEINOFFICE[.]XYZ

Crypto Currency Address: 1Mz7153HMuxXTuR2R1t78mGSdzaAtNbBWX

Resources

Webinars

Overcoming Petya

Petya is the latest malicious ransomware strain that has greatly infected Eastern Europe. Learn more about the attack and how to secure your data.

admin Image

admin

Jun 272017

Vigilance Required: European Ransomware Petya Moves into Russia and U.S.

| Senior Security Architect

Following in the footsteps of WannaCry, a new ransomware named Petya appears to be instigating similar global havoc with EternalBlue. Follow Armor for the latest intelligence on this emerging threat.

Chris Hinkley, OSCP, CISSP

Senior Security Architect

As senior security architect of Armor, Chris Hinkley utilizes a decade of security expertise to design, test and deploy next generation security processes and techniques for the cloud. His work at Armor was instrumental in Armor being one of the first cloud companies globally to achieve PCI DSS compliance. Prior to Armor, Hinkley worked as a Web Developer for TargetScope, an interactive marketing and Web development company. In that role he created everything from website animations to complex and dynamic product configurations using the latest technology and development frameworks. With Armor, Hinkley has held a number of security and technology-related roles, including security engineer, lead engineer and support manager. In those roles he has serviced thousands of FireHost customer servers, including Windows and Linux, and overseen the security of all hosting environments to meet PCI, HIPAA and other compliance guidelines. Hinkley is a sought after speaker and author on cloud, security and open source topics, publishing regular columns in SecurityWeek and other industry magazines. Hinkley is a Certified Information Systems Security Professional (CISSP).

Jun 282017

Petya: Using Blast Radius to Deduce Attribution

As the global ransomware attack coined Petya continues to proliferate globally, identifying the culprits is an important piece of the puzzle. At this point, it’s prudent to attempt to rule out who it doesn’t appear to be through process of elimination. While there was clear forensic evidence connecting the code used by the WannaCry actors […]

#####EOF##### Armor File Integrity Monitoring (FIM) - Armor

Armor File Integrity Monitoring

Host-based protection for your IT environment

File integrity monitoring (FIM) is an additional layer of security to protect your cloud, on-premise, hybrid, or hosted IT environment from threats. Should a cyberattack infiltrate firewalls and intrusion detection systems (IDS), your organization’s IT infrastructure is threatened. FIM enhances your existing cybersecurity measures by monitoring activity at the host, ensuring that any changes to critical system file locations and operating system files are identified and your security team is alerted.

File Integrity Monitoring Datasheet

Read Armor’s File integrity Monitoring (FIM) datasheet to learn more.

File Integrity Monitoring Features

Delivering Security and Compliance Outcomes

CONTINUOUS AND AUDIT-READY COMPLIANCE

Armor FIM addresses key change control processes required by PCI DSS, HIPAA, HITRUST, SAN CSC, NIST, and other frameworks.

POWERFUL ADVANCED ANALYTICS AND CORRELATION

New events are analyzed and correlated with existing event data from your other devices under Armor management. Through our Spartan threat prevention and response platform, we deliver enhanced detection of potential threats across your cloud, on-premise, hybrid, and hosted environments.

ADVANCED THREAT DETECTION

Armor FIM provides an extra layer of protection at the host level to detect suspicious activity and alert you to potential threats.

RESPONSE THAT GOES BEYOND ALERTING

Unlike traditional managed security service providers (MSSPs), Armor goes above and beyond simple FIM alerting. Our security operations center (SOC) analysts monitor your environment 24/7/365 and work closely with your cybersecurity team to investigate and respond to potential incidents.

Making Cloud Security Simple

Armor - The first totally secure cloud company

How Our File Integrity Monitoring Works

Delivered through an agent and installed on your virtual servers/instances/workloads, FIM is designed to monitor critical OS files, configurations, and processes as well as application files and related activities for potential indicators of compromise.

The FIM service establishes a baseline by which future activities are compared against and applies standardized monitoring policies for each workload (Linux/Windows).

Event data is fed into Armor’s Spartan threat prevention and response platform for analysis and correlation with alerted items reviewed further by Armor SOC personnel.

Armor File Integrity Monitoring looks for:

  • Changes to critical OS files and processes such as directories, registry keys and values
  • Changes to application files
  • Rogue applications running on the host
  • Unusual process and port activity
  • System incompatiblities

Armor’s File Integrity Monitoring Delivers Trusted Security

Unify protection across your cloud, on-premise, hybrid, and hosted environments through correlation of FIM events with other security controls under management.

  • Get access to battle-tested security and compliance experts monitoring your environments 24/7/365
  • Address key compliance controls involved in file integrity monitorin
  • Go beyond simple alerting to respond to incidents

WHAT MAKES ARMOR SOLUTIONS SO COMPLETE, EASY AND EFFECTIVE AGAINST TODAY’S CYBER THREATS?

The Armor Spartan threat prevention and response platform is how Armor delivers security outcomes for our customers. The Armor Spartan platform is purpose-built to leverage the agility and speed of the cloud, scaling up to drive new community insights against an ever-changing threat landscape as well as scaling out to provide unified visibility across an ever-changing IT landscape.

#####EOF##### Cyber Security Pricing and Solutions in 30 Seconds - Armor

Protecting your business means securing your data. How you go about this is a critical decision that could propel your organization to great success.

FOLLOW THE PATH of our quick 30-second discovery tool to align your data workloads with the correct solutions that will meet your security, compliance and business objectives.

Find Your Solution Diagram

Pricing in 30 Seconds

By completing and submitting this form, you understand and agree that Armor may contact you regarding relevant content, products and special offers. You also agree that your personal information may be transferred and processed in the United States, and that you have read and agree to Armor’s Privacy Policy

#####EOF##### About Armor and Your CyberSecurity Experts - Armor

Making Cloud Security Simple

Armor is a cloud security company that takes the complexity out of protecting your data, whether it resides in a private, public, or hybrid cloud—or in an on-premise IT environment. We provide managed security solutions that give you a clear picture of threats facing your organization. This allows us to provide you with the people and security resources to stop attacks before they happen and react quickly and effectively when they do, keeping your data safe and compliant.  Wherever you are on your cloud journey, Armor can help. We make cybersecurity simple.

Leadership Team

Enterprising minds. Leading by example.

Board of Directors

Years of experience. Extraordinary council.

#####EOF##### WannaCry Ransomware Response Kit for Cloud Security - Armor

How WannaCry Spread

On April 15th, a group of threat actors, known as the “Shadow Brokers”, released a large collection of offensive security tools and data to the world. Threat actors used the deadly combo to infect thousands of computers with WannaCry ransomware in close to 100 countries, including the UK’s National Health Service (NHS), Spain’s Telefonica and FedEx. 
Image of How WannaCry Spread

How Armor Responded

We know ransomware can be a devastating event for any company. At Armor, we protect companies like yours every day leveraging our Managed PDRR platform. Armor Protects, Detects, Responds, and enables you to Recover.

Armor had previously identified the root vulnerability that enabled WannaCry to spread. Through active managed Protection, we worked to ensure proper patching and configuration changes were enacted. As a result, none of our customers have been affected by the WannaCry ransomware to date. Should a customer have been compromised, Armor’s included 14-day environment snapshot would have allowed our customers to Recover through a rollback.
Image of Armor's response to WannaCry

We’ve created this resource page which we will constantly update with useful information on the spread and containment of WannaCry. Below and to the right, you’ll find a variety of insight, including a white paper, covering the details of the WannaCry ransomware and how to protect yourself against similar threat actors.

WannaCrypt Attacks

Guidance for Azure Customers

Whether or not you were impacted by the recent WannaCrypt malware, Microsoft recommends all Azure customers take 8 steps, found in this blog, to further protect your organization from attacks like these.

MalwareTech Botnet Tracker

WannaCry Infection Map

View maps which display the geographical distribution of malware infection.

White Papers

Ransomware Threat Report: WannaCry

In this white paper, the security experts at Armor give you in-depth coverage and insights of the WannaCry ransomware including: what it is, how it spreads, and how you defend against it.

admin Image

admin

Webinars

Overcoming WannaCry

WannaCry was a massive ransomware attack that affected 230,000 machines. Learn more about WannaCry and how to protect your data with our webinar.

admin Image

admin

Armor Threat Intelligence Briefing Signup

Keep up-to-date on the latest threats.

Have you been affected by the WannaCry ransomware?

Our security specialists are standing by to help you overcome WannaCry.

Chat with a security specialist live:

8 a.m. – 6 p.m. CDT
9 a.m. – 6 p.m. BST

Or, call a security specialist:

8 a.m. – 6 p.m. CDT
+1 877 262 3473

#####EOF##### eBooks - Armor

eBooks

eBooks

eBooks

The Economics of Cybersecurity

Companies today must be in compliance with many industry standards while also maintaining the security of their data. With ever-increasing risk to that data, breaches and leaks are now par for the course. As such, it’s not enough to rely solely on your CIO to divert your company from danger. Accounting and finance leaders play […]

Amy Bakameyer Image

Amy Bakameyer

eBooks

GDPR AND THE FUTURE OF PRIVACY: Creating a complementary solution with tokenization and SECaaS

Storing sensitive information on-premise, even with the strongest security posture, still poses a risk of a data breach. Partnering with tokenization and SECaaS providers is a way to mitigate those risks and focus on maintaining and building your business. We discuss ways you can address the main tenants of GDPR utilizing these complementary solutions. This […]

Amy Bakameyer Image

Amy Bakameyer

eBooks

Dwell Time eBook

FIVE DAYS TO ACTIONS ON OBJECTIVES Dwell time as a critical security success metric How do you measure the effectiveness of your organization’s cybersecurity? Identifying cyberattacks, containing threats, and remediating your IT environment are key to protecting your business. Increasing cyberthreats and data breaches have touched everyone, from small businesses to large corporations. Dwell time […]

Amy Bakameyer Image

Amy Bakameyer

#####EOF##### Optimize Cyber Security with Armor Assessment Tools - Armor

Analyze the performance and efficiency of your security program with our intuitive security assessment tools. Our assessment tools help you optimize your existing resources. They help identify what you can do to become secure.

ARMOR ADVISOR TOOL

FIND THE RIGHT ARMOR SOLUTION FOR YOU

Protecting your business means securing your data. How you go about this is a critical decision that could propel your organization to success.Determine a path to cloud security success in 30 seconds with the Armor Advisor Tool. This tool provides insight into your data workloads and which Armor solution will help you meet your security, compliance and business objectives.

SECURITY GAP ANALYSIS TOOL

Identify Security Program Gaps and Vulnerabilities

Armor has designed a benchmarking tool to help you identify security gaps in your current cloud hosting strategy. This tool will help you identify the problems in the way your business currently manages and secures data in the cloud, and help you get started on fixing them.

Armor Cloud Formation Template

Spin up in minutes

Armor has developed a cloud formation template to reliably and consistently spin up the basic client/server architecture necessary to run web applications in AWS in a way that is in-line and consistent with the HITRUST guidelines for implementing HIPAA in the cloud. This allows our clients’ developers to move at the speed of modern DevOps shops, while staying in-line with our clients’ security and compliance concerns.

CHECK IN ON ARMOR

Monitor the current status of Armor’s solutions and servers

Armor’s intuitive status dashboard provides real-time visibility into the health of our infrastructure and security solutions. Leverage the interactive tool to confirm service availability based on geography, and also the status for storage, security controls, hosts, management portals, or APIs.

#####EOF##### Armor

Knowledge Center

The latest content and thought leadership from Armor experts

Registrations

Registration Pages

Game of Code: The Web is Dark & Full of Terrors

When you play the Game of Code, you win or you lose — maybe not your head, but money, clients, and, potentially, your business. Never fear! Armor is full of knights, sworn to protect client data, working hand-in-hand with the Kings of the Realm, like AWS, to ensure your infrastructure is secure from start to finish. We add human wisdom and […]

Rachel Chism Image

Rachel Chism

Registration Pages

AWN: Zero to Hero

Far too many of our nation’s best and brightest women in tech work as hard as they can to advance their careers without really understanding how important it is to build their value and communicate their worth. It’s time to teach these women how to work smarter, not just harder, to become more effective and invaluable to the companies they work with. Lauren shares her personal story of going from zero network, zero skills, and zero job prospects to becoming a highly valued, top engineer with global connections in just two short years. You’ll come away with steps you can take to immediately start building your value and become an asset at work and in your tech career.

Amy Bakameyer Image

Amy Bakameyer

#####EOF##### Cloud-delivered Log Management Services - Armor

Is your cybersecurity team overwhelmed by the volume of log data your environment creates?

Simplify your operations. Armor will sift and sort your logs, alerting to any shady behavior

The evolving cybersecurity landscape and rapid increase in malicious security events over the past decade have forced security professionals to adapt, switching from just protection to detection and response. No longer can they expect to build an impenetrable fortress and defend the perimeter—the barbarians are not only at the gate, many have been dwelling inside for years.

Device logs have proven to be an indispensable resource for collecting data and providing insight into potential cyberthreats and compromised networks, but the raw data is useless without proper analysis and correlation. Unfortunately, the amount of information delivered on an hourly basis overwhelms most IT security teams. Finding themselves hindered by volume, velocity, manpower, and competing priorities, they are often unable to analyze and correlate the data, preventing them from finding the value in the volume.

Armor Log Management

This service collects, analyzes, and reports on event logs from firewalls, servers, OS logs, and other applications. Clients can view 30 days of logs in the Armor management portal (AMP) and store up to 13 months of log events, meeting all applicable regulatory requirements.

Analysis and Insights to Inform Threat Prevention, Detection, and Response

Armor’s log management service simplifies the process of data collection, analyzation, and correlation, delivering information that is useful and available from any device within your IT environment. Your security team is able to bypass the collection and analysis phases and focus on other objectives—only getting involved when it’s time to make decisions and implement remediation.

If you want to dig deeper and ensure the clarity of your signal, the Armor management platform (AMP) allows you to adjust the tuning of your correlated analysis to further reduce noise, improving detection accuracy, and alerts. If you need assistance of the human kind, the experts in our security operations center (SOC) are available on-demand 24/7/365.

Armor Log Management Features

  • Advanced Analytics and Correlation
    Perform advanced analysis and correlation of logs to detect threats that may pose a risk to your environment. Enhance your security posture while offloading the burdens associated with log management and analysis. Reduce alert fatigue for your analysts and focus on the correlated events that matter most.
  • Unified Protection & Visibility for Data in Your Environment
    Collect, manage and analyze logs from anywhere in your environment whether on-premise, in the cloud or in a hybrid setup. Utilize pre-built connections into hundreds of pre-identified security devices to ensure you're receiving the utmost protection from your security controls. Correlate log information with other event data collected from your environment as an Armor customer.
  • Audit-Ready Compliance
    Meet PCI, HIPAA, HITRUST, GLBA, GDPR and other compliance requirements related to storage and analysis of log information. Get audit-ready reporting capabilities with Armor's Log and Event Management solution.

You have to collect the dots to connect the dots

Armor Log Management brings the dots together so our threat prevention and response platform can connect them.

External Application Logs

✓ Firewall
✓ Next Gen Firewall
✓ Web Application Firewall
✓ IDS/IPS
✓ EndpointsAnalyze and correlate event logs from perimeter “appliances” and endpoints with host and container event data to identify potential advanced threats.

Container OS Logs

✓

✓

✓Other OS/PlatformsAnalyze and correlate container OS logs into your overall security monitoring program to provide extended security coverage for containerized applications. Leverage logs for forensic purposes and reviews of network activity, if needed.

Host OS Logs

✓
✓
✓
✓
✓

Get integrated security and hardened OS protection across your on-premise, cloud, and hybrid environments.

Log Collection, Analysis, Correlation, and Retention to Address Security and Compliance Controls
Powered by Spartan Threat Prevention and Response Platform

Armor Log Management and Compliance: A Space Odyssey

In addition to detecting, identifying, and eliminating cybersecurity risks to your company, log management is a requirement for companies that must meet government and industry regulatory frameworks. You can store as many logs as you need for up to 13 months, which meets all applicable mandates. Whether you require a space station or a galaxy for your storage, Armor log management is usage-based; you only pay for what you need.  

 
Compliance solutions provided: 

  • Support for PCI, HIPAA, HITRUST, GLBA, GDPR, and other compliance frameworks 
  • Audit-ready reporting 
  • Storage for incident-related analysis and data 

When It Comes to Cloud Security, Are You Just Posturing?

Research has shown that executives in security and IT functions may be markedly overconfident in their cybersecurity preparedness. Studies partially attribute this misperception to their benchmarking methodologies. They were benchmarking using their own benchmarking and criteria, and, in some cases, not even conducting an assessment. Are you falling prey to this mistake? The lack of a consistent, external, and standardized benchmarking process could be putting your business and your customers at risk—from both a security and compliance standpoint.

ARMOR MANAGEMENT PLATFORM

UNIFY LOG MANAGEMENT

The Armor Management Portal provides unified management of your logs from any device in any environment.

UNIFY YOUR ENVIRONMENT WITH AMP

  • Turns up log collection, analysis and management in minutes
  • Provides real-time reporting on devices sending logs, usage, retention and cost
  • Delivers powerful self-service capabilities and search tools
#####EOF##### Threat Resistance Unit - Armor

Armor Threat Resistance Unit

The Armor Threat Resistance Unit (TRU) is an elite sector of our security operations center (SOC), TRU’s mission is to stay ahead of cybercriminals on the everchanging landscape of cybercrime. The unit gathers knowledge about new and emerging threats and turns it into threat intelligence that strengthens the defenses we build to protect our customers’ IT environments. TRU is staffed by seasoned former members of top cybersecurity teams in the intelligence community, with more than 60 years of combined experience.

View Transcript
View Transcript

Armor’s Threat Resistance Unit Delivers Threat Intelligence to Protect Your IT Environment

Dynamic Threat Blocking

Armor’s dynamic threat blocking (DTB) is a cloud-based IP reputation management service (IPRM) that maintains and continuously updates our proprietary blacklist and incorporates data from third-party feeds to block incoming and outgoing malicious IP addresses from communicating with your network. It works at every layer of your IT environment—network, host, or application.

Exploit and Malware Analysis

TRU dissects malware and other cyberthreat payloads to figure out how they work and who they could affect. Then the SOC applies that knowledge to create rules-based countermeasures that will automatically detect future threats and protect our infrastructure and our customers’ IT environments.

Threat Hunting

We scour the internet for new and emerging cyberthreats and gain knowledge of the latest tactics, techniques, and procedures (TTPs) cybercriminals are using to implement malicious events. We break those down and apply that knowledge to reverse engineer threats and test our security controls. We build new defenses to counteract these threats and make sure they are working to protect our infrastructure and that of our customers.

Threat Intelligence

Armor’s SOC, including TRU, gathers and consumes threat intelligence from multiple sources (e.g., dark web, deep web, pastebin sites, previous events and logs, black market sites and hacker forums, etc.) and then takes appropriate action. Throughout this process, we not only scan for threats in general but apply targeted monitoring to find and secure sensitive customer information that may have been attained through a compromise or intellectual property theft.

SOC Force Multiplier

TRU augments existing cybersecurity teams so that threat hunting doesn’t become another SOC workload. TRU pores over your uploaded logs and searches for anomalies, signatures, and patterns. Looking for the threats the AV community has not identified yet. When threats are detected, TRU works with the SOC to refine and implement new security controls and signatures. Acting as the SOC’s early warning system, we share threat intelligence, enabling the SOC to rapidly deploy security tools and other countermeasures, while arming them with up-to-the-minute information on cybercriminals’ latest TTPs.

Meet the Threat Resistance Unit

Armor’s TRU experts have extensive experience in penetration testing (i.e., computer network exploitation operations) and red team operations. TRU not only works for Armor and our customers, but they contribute their intelligence and findings to the larger SecaaS community, fighting to make the internet and the cloud safe for business.

TRU in Action | Drupalgeddon 2

Drupal vulnerability was discovered in March 2018 and TRU aided with a post mortem analysis after a successful compromise. Senior Threat Intelligence Analyst, Corey Milligan, identified malicious files that were deployed at the time of compromise but hadn’t been seen by the major anti-virus vendors (AV) yet. TRU worked closely with a third-party vendor to scan and signature all the related files. Upon signature deployment, other compromised hosts were discovered that the AV vendors had missed. We submitted more than 100 previously unidentified malicious files to aggregators like VirusTotal.

Armor Security Operations Center in Action

Our elite SOC team tirelessly monitors and protects your critical data workloads and applications, whether they are in the cloud, on premise, or a hybrid environment. When you partner with Armor, our cybersecurity experts act as an extension of your security program with 24/7/365 monitoring and protection.

Learn how the Armor SOC works to form a protective barrier against threat actors and the attempts they make to compromise your organization.

#####EOF##### Our Customers Rely on Armor Cyber Security - Armor

From different industries, countries and walks of life, Armor customers can all claim one thing: that their critical data is protected with uncompromised cloud security. Learn about their success and how we are helping them achieve their operational goals in a cyber threat-filled world.

Baxter Credit Union Logo

Armor Anywhere allows BCU (Baxter Credit Union) to meet PCI standards while securing their Microsoft Azure-hosted instances.

Innovum Logo

Innovum optimizes security for its cloud-based gaming license management platform with Armor Anywhere.

Hitrust Logo

HITRUST relies on Armor to secure their MyCSF application

FTNI logo

FTNI leverages Armor technology, security and scalability as differentiators in an ultra-competitive payment processing market.

Ascendio logo with blue A

Armor helps Ascendio achieve risk reduction and PCI compliance.

gotoBilling differentiates its software payment service with a sound security strategy via Armor’s PCI-compliant cloud environment.

QualSight Lasik logo

Armor transitioned QualSight from in-house, dedicated hosting to a secure cloud environment.

Dyn Logo

Armor helps secure DYN’s always-available infrastructure services.

Cancer Research UK logo

Armor provisions a platform with best-in-class security features to ensure stored payment details remained protected at all times.

Ortho Kinematics logo

Ortho Kinematics turned to Armor to help them meet HIPAA compliance requirements.

Facility Source Logo

FacilitySource leverages Armor’s managed secure cloud to consistently exceed client expectations.

#####EOF##### Webinar Archives - Armor

Events Calendar

Loading Events

April 2019 › Webinar

Calendar Month Navigation

MonTueWedThuFriSatSun
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16

Webinar | At the Gates of the Cloud: The Mindset of Small & Medium-Sized Enterprises

18
19
20
21
22
23
24
25
26
27
28
29
30
1
2
3
4
5
#####EOF##### Armor Vulnerability Scanning - Armor

Don’t Let Anyone Come Between You & Your Network

Vulnerability Scanning Finds the Gaps so You Can Fill Them

It’s do or die out there. Cybersecurity is never the same game. Cybercriminals want what you have—information—and they won’t stop until they get it. The bad guys are always lurking, looking for new ways (or repurposing old ones) to infiltrate your network and take anything that will make them money. It is always imperative to stay one step ahead, managing risk and ensuring compliance.

Armor’s vulnerability scanning service puts our clients in control of their network. Keeping them ahead of the next threat through increased visibility, preparedness, and protection. Armor’s service scans internal and external networks for technical vulnerabilities, patching, and compliance issues—providing clients with the ability to mitigate risk and ensure compliance. This vulnerability heads-up can be the difference between an epic cyberbattle success story or a tragedy of Infinity War proportions.

Armor’s vulnerability scanning service is powered by our industry-leading threat prevention and response platform, which not only keeps clients secure but gives them access to the Armor management portal (AMP) scanning console. Through AMP, they can manage their scans and vulnerability reports, review past incidents, and continually monitor compliance results to stop threats before they are attacks. The result? A secure environment that makes compliance easy.

Vulnerability Scanning Plays Well with Others

The vulnerability scanning service enhances both our Armor Anywhere security-as-a-service (SECaaS) solution and our Armor Complete secure hosting solution, providing end-to-end security and audit-ready compliance across your entire IT environment.

Keeping Up with the Cybercriminals

Armor doesn’t just secure your network. We monitor and secure your hosts. A defense-in-depth solution that secures your operating system (OS) up to the application layer. Armor’s vulnerability scanning service assesses and reports risk across your entire infrastructure powered by:

  • Lightweight endpoint agent
  • Live dashboards
  • Real risk prioritization
  • IT-integrated remediation projects
  • Cloud, virtual, and container assessment
  • Integrated threat feeds
  • Easy-to-use RESTful API

Vulnerability Scanning Features

  • Weekly Scheduled Vulnerability Scans
    Weekly scheduled scans to identify vulnerabilities in your environment, the patches available to address those vulnerabilities and track your progress towards overall environment health.
  • Vulnerabilites by CVSS and Criticality
    Ranked views of the vulnerabilities hitting your environment that are categorized by CVSS score and criticality. Help your teams prioritize their weekly patching schedules with Armor's weekly vulnerability reports.
  • Detailed Synospis of Vulnerabilities and Exploitable Hosts
    Get detailed summaries of each vulnerability in your environment. See descriptions, related CVEs, host information on affected endpoints, and solution/patching details.

Armor Vulnerability Scanning Delivers Enhanced Security and Eases the Path to Compliance

An external vulnerability scan looks for gaps in your network firewalls, where bad guys can get in and wreak havoc. An internal vulnerability scan operates inside your organization’s firewalls to identify real and potential vulnerabilities in your environment.

Armor external vulnerability scanning service:
Offered for publicly available Armor Anywhere-protected instances on an individual request basis through the Armor ticketing system on AMP.
Schedule scans and through the agent*:

  • Collect the following types of data:
      • – Basic asset identification information
      • – Windows registry information
      – File version and package information
  • Compress it
  • Submit it back to its cloud

Armor internal vulnerability scanning service:

  • Installs with the Armor agent
  • Performs local scans on the installed asset
  • Reports vulnerability, patching, and compliance results
  • Presents scan results through AMP scanning console

Access output and reports on the Armor security dashboard.

*The agent performs a “Full Audit without Web Spider” scan. A full network audit, it uses only safe checks, including network-based vulnerabilities, patch/hotfix checking, and application-layer auditing.

Making Cloud Security Simple

Armor - The first totally secure cloud company

Shared Responsibility: Who’s in Charge of What?

Since installation and management of the service requires collaboration between the client and Armor, the shared responsibility model applies. The following table gives a brief overview of the breakdown. For more detailed information, please download the Armor Vulnerability Scanning datasheet.

Responsibility BreakdownArmorClient
Provisioning and management of vulnerability scanning service✓
Availability of vulnerability scanning service portal✓
Initial configuration of customer account details✓
Subsequent configuration of environment scan: scope and scheduling✓✓
Ongoing scan modification✓✓
Remediation of detected vulnerabilitiesUpon request✓
Remediation of detected vulnerabilities and disputes in application✓✓
Review of reports by Armor’s security operations teamUpon request✓
Application of scan reports to customer audit✓✓

Armor Solutions: Making Cloud Security Simple and Effective

Spartan is the IT security industry’s leading threat prevention and response platform. Armor integrates advanced analytics, global threat intelligence, and continuous response capabilities into a single platform that bolsters your defenses, uncovers hidden threats, and prevents security breaches. Whether your sensitive data and workloads are stored in a private, public, or hybrid cloud—or in an on-premise IT environment—Spartan provides a proactive approach to cyberthreats.

#####EOF##### Cloud Compliance - Armor Security as a Service

Armor actively reduces your security and compliance burden by providing the highest level of managed security for your customers’ data. Whether you host your data in our virtual private cloud or another cloud, our services enable you to more easily meet HIPAA, PCI and GDPR cloud compliance requirements.

Armor actively defends sensitive ePHI, PII, credit card and transaction data.

Outsource costs tied to staff, audit expertise and security via secure hosting solutions.

Audit- and assessment-friendly, our services address key requirements of PCI and HIPAA compliance.

Mapped roles and responsibilities for smooth PCI- and HIPAA- compliant hosting.

Compliance Standards We Support

COMPLIANT HOSTING BENEFITS WITH ARMOR

Cost-Effective Compliance

Mitigate Risk

Outsource Expertise

Compliance Inheritance

Faster Audits

Certified Consultants

How Do I Become Compliant?

Through Armor’s partnerships with industry-leading compliance validation firms, it’s never been easier to achieve HIPAA, PCI and GDPR cloud compliance with Armor compliant hosting solutions. Use this six-step framework to better understand how to approach HIPAA, PCI and GDPR cloud compliance and your recurring audits.

Compliance Image showing Cyber Security in Multiple Industries
Know Your Data

You can’t enable proper cyber security or comply with regulations if you don’t know what data you store, transmit or access. Map and classify your data, determine which are in the scope of various cloud compliance requirements (e.g., HIPAA, PCI, GDPR, etc.) and record where they're located.

Establish cloud compliance as a baseline, not an objective

Cloud compliance is a foundation to security, but it’s just a baseline and can't be the sole objective for a security program. The smart approach is to build a sound security strategy and environment that will go above and beyond basic compliance requirements. The investment in a compliant hosting solution will better protect data, customers and your business in the long run.

Partner With Experts

Much of the legwork outlined in steps 3-6 is minimized if you partner with a proven security expert to protect your data in a compliant hosting environment. This compliant partner can provide the necessary paperwork for your audit. The right vendor will also offer consultation through other aspects of the audit, if necessary.

Understand Requirements

Each regulation is different — and some are more prescriptive than others (e.g., PCI). Start your journey by first familiarizing yourself with any regulations that affect your data. Enlist the help of cloud compliance experts or certified auditors to gain a deeper understanding of the process.

Map Controls To Regulations

It’s time. At this stage, you’ll begin aligning your environment and data with the secure cloud controls of specific requirements. As mentioned, some regulations are more prescriptive than others, so there may a handful of judgment calls. A qualified security vendor will share this burden with you and minimize some of the work — particularly if they're already securing your data in a HIPAA-, PCI- or GDPR-compliant cloud environment.

Follow Audit Best Practices

Document everything about your security compliance — environment, data, workloads, internal tests, policies, technology, controls, third-party access, etc. — for your auditor. Not only will this make their job easier, but it will prove that you’re organized, proactive and detailed-oriented. It’s also advisable to collect two or three examples of clear and comprehensive evidence that shows you’ve met each control.

#####EOF##### Microsoft Azure Cloud Security - Armor

+

ARMOR ON THE AZURE MARKETPLACE

BUY AND DEPLOY IN MINUTES

ISN'T AZURE ALREADY SECURE?

You selected Microsoft Azure because the datacenter-, physical- and role-based access controls are world class. But every customer on Azure is responsible for securing their own virtual machines, applications, databases and networks. That’s why we created Armor Anywhere.

Armor Anywhere provides Azure cloud security – allowing you to protect your Azure cloud investment by adding advanced security controls and a proactive security team to your Azure instances.

Managed Cloud Security for Microsoft Azure

Our relationship with Microsoft is built on the shared goal of providing transparent, reliable cloud security to Azure customers. Through this partnership and our experience as a born-in-the-cloud cyber security services provider, only we can provide the following benefits on Azure:

  • Transparent cloud security powered by best-of-breed security technologies
  • 24/7/365 security monitoring and support for your Azure instances from our proven security operations center (SOC)
  • Outcome-driven managed security with dwell time 100 times shorter than industry average
  • Simplified compliance audits and assessments (HIPAA,  PCI DSS, etc.)

Learn more about our partnership with Microsoft.

Joint Armor and Microsoft Datasheet

Microsoft’s Armor Case study

SHARED RESPONSIBILITY

While operating in the Microsoft Azure public cloud has many cost, time and flexibility advantages, it’s important to remember that securing your environment on this platform is solely your responsibility. Per Microsoft’s white paper, Shared Responsibilities for Cloud Computing, “Microsoft Azure does not monitor for or respond to security incidents within the customer’s area of responsibility.”

Armor reduces the burden of these challenges for your organization by sharing both risk and responsibility for Azure cloud security. Purpose-built to achieve a secure and compliant posture for your data, Armor Anywhere makes it easy to balance security, cost-effectiveness and cloud agility.

TRUE MANAGED SECURITY CUSTOMIZED FOR YOUR AZURE VMS.

The Azure cloud includes basic security controls for all customers. But you require enhanced security for specific types of data that can only be provided by Armor. Whether you add it to existing instances or deploy new VMs, you can protect your Azure workloads with Azure cloud security from Armor Anywhere.

Gear and Shield Icon
Right Workload, Right Security

Not all data needs maximum Armor security. But it should still be secured by experts. With the option of our virtual private cloud or Armor Anywhere, you now get the use of both.

Person icon over grey clock
Public Defenders

Trust our security experts – armed with the most advanced technology – to instantly provide Azure cloud security for your data workloads and applications.

Black Crosshairs Icon
Single Point of Value

Find your perfect blend of cloud security, value and performance. And know it’s always managed and optimized by your expert Armor team.

#####EOF##### Managed AWS Security Services - Armor

+

ARMOR ON THE AWS MARKETPLACE

BUY AND DEPLOY IN MINUTES

Armor for AWS

White Papers

Armor Anywhere on Amazon Web Services

Confused on what shared responsibility means for you when moving to Amazon Web Services? This white paper is intended to help you make better-informed decisions about the security control options for AWS usage so you can choose the best combination of controls for your organization’s situation and needs.

Armor Automated Compliance – HIPAA

Armor has developed a cloud formation template to reliably and consistently spin up the basic client/server architecture necessary to run web applications in AWS in a way that is in-line and consistent with the HITRUST guidelines for implementing HIPAA in the cloud.

Certified AWS Security Competency Partner

Don’t let this burden of shared responsibility in the public cloud outweigh the flexibility and cost-savings benefits of AWS.

Streamline protection and control of your AWS-hosted data with Armor Anywhere, a 24/7/365 managed cloud security solution built to help shoulder the burden of AWS cloud security.

As a Certified AWS Security Competency Partner, we bring uncompromised cloud security to AWS data. This means AWS customers receive the highest possible level of security, compliance and transparency – including the ingestion of AWS CloudTrail – without the need for additional headcount or DIY security tools.

Maximize your public cloud investment with AWS cloud security Armor Anywhere.

AWS Technology Partner, Security Competency, logo

Armor is an AWS Advanced Security Partner

AWS Security Competency Status is only awarded to AWS Partner Network (APN) members that have demonstrated technical proficiency and proven customer success in specialized solution areas. Only eight security providers, including Armor, have earned this certification.

Armor Anywhere on AWS

Armor Your AWS-hosted data

Armor Anywhere is a scalable, managed cloud security solution that integrates best-of-breed security technology – selected and managed by the experts in our SOC – directly on top of your AWS-hosted data.

Bringing security out of the black box, it provides real-time transparency and control with the Armor Management Portal (AMP), giving you a single-pane-of-glass view of your Armor-protected AWS data.

Armor Anywhere also simplifies AWS HIPAA and PCI compliance by passing on inherited compliance controls to Armor-protected data.

All of these capabilities are made possible by our approach – a level of AWS cloud security proficiency that only Armor is built to deliver.

Armor Anywhere Security Features

What is Shared Responsibility?

Isn’t AWS already secure?

It’s a common misconception that your cloud provider secures your data. While some providers offer security tools, the fact is, you’re responsible for everything operating on their cloud. For AWS, this means they manage security “OF the cloud,” while customers are responsible for security “IN the cloud.”

Understanding your responsibility in the cloud is critical to getting the most from your public cloud investment.

The graphic below outlines the responsibilities managed by AWS and the aspects that Armor helps you manage.

#####EOF##### Cloud Security Frequently Asked Questions - Armor

Frequently asked questions about cloud security

The cloud can be overwhelming, especially if you don’t know where to start. View our cloud security essentials FAQ and overcome your cloud-based confusion. 

Shared responsibility refers to a general framework outlining agreed-upon separation of security and maintenance obligations between providers and their customers. Created by cloud service providers, this framework outlines responsibilities that are typically split in such a way that service providers are only accountable for securing and maintaining cloud infrastructure while the customer is responsible security and management of their data and applications.

Along with cost, ease of use and reliability, understanding a provider’s shared responsibility model is a critical distinction when selecting cloud services – especially since that choice may impact the ability of an organization to pass compliance audits and assessments.

There’s a common misconception that public cloud providers handle all aspects of your cloud environment – including security for your data and applications. While it’s true they handle much of the heavy lifting, they’re only responsible for securing the infrastructure supporting the cloud – you’re still responsible for managing your data and applications. 

This misunderstanding not only places your compliance at risk, it also leaves your critical data exposed to compromise if integral aspects of your cloud security are unaccounted for. 

Confusion about shared responsibility is an industry-wide issue with long-lasting effects. In fact, Gartner predicts that customers, not providers, will be responsible for 95% of cloud security failures through 2020.  

With so much to lose (revenue, productivity and reputation), it’s critical that every organization understand their responsibility in the cloud. 

We recommend that you ask your cloud services provider for their shared responsibility matrix to learn what they cover.

In 2016, more than one billion records were compromised in security breaches. The individual cost of a data breach is enormous. Data breaches not only put your customer’s information at risk, they can threaten your reputation and the hard-earned trust of your customers. And that’s before accounting for insurance payouts and regulatory fines after a breach. 

An effective security program that constantly monitors and manages access to your cloud environment is essential for protecting against threat actors and preventing costly and damaging data breaches. 

It could be the difference between success and devastating failure in the cloud.

A Security Operations Center (SOC) is the nerve center of your security program. Staffed 24/7/365 by security analysts configured in multiple teams based on discipline, a SOC monitors and scrutinizes network activity using security technologies. This continuous monitoring allows for rapid response to anomalous activity and coordinated mitigation when network- and machine-level threats are detected.   

Learn more about the Armor SOC

While seemingly similar, these two cyber security terms differ based on their levels of severity: 

Compromise: A “compromise” suggests that an unauthorized user (typically, but not always a threat actor) has accessed your system, but data has not been exfiltrated (i.e. removed from the network).  

Breach: A “breach” implies that critical data has been accessed, stolen and has the potential to be released or used maliciously.  

Both compromises and breaches must be taken seriously, but the consequences of a breach can be far more severe.  In addition, breaches require the company to follow reporting procedures to notify required regulatory organizations and customers.

Managed Security is a broad term for the management of your security posture by a 3rd-party security provider, like Armor.  

The biggest benefit of relying on a 3rd-party security provider is that security is complex, specialized, time-consuming and expensive – especially when considering the costs of full-time security staff.  

A managed security provider delivers hands-on, 24/7/365 threat prevention, monitoring and response – powered by an expertly staffed and supported SOC. This service is designed to extend the team of in-house IT or InfoSec personnel responsible for security and while also eliminating the need for DIY security tools.  

At Armor, “managed” extends beyond defending cloud-based instances to also include compliance support (HIPAA, PCI, GDPR, etc.). Armor customers benefit from inherited compliance controls and access to the compliance expertise in our security operations. This streamlines audits and assessments while also allowing for continuous compliance through security-driven best practices.  

The term do-it-yourself (DIY) security tools refers to ad hoc or piecemeal security software or tools that organizations can purchase and implement without sustained assistance from a third party (i.e. service provider). 

Organizations seek these solutions for their cost effectiveness and quick implementation. However, while DIY tools are cost-effective in the short term (alleviating the need to build a robust and expensive in-house security program) they require hands-on configuration and management to ensure long-term effectiveness. Without proper implementation, these disparate tools and solutions won’t reach their full potential and may – ironically enough – create additional vulnerabilities for your environment.  

And, that’s if you’re even able to select the correct software or tool for your needs. The cloud security marketplace has been flooded in recent years with a plethora of offerings, causing confusion for organizations seeking to develop in-house security programs.  

At Armor, we reduce the challenge and the need for DIY-based security programs. We deliver both talent and best-of-breed tools for organizations in the cloud – reducing the need to handle all security aspects in-house.

Dwell time refers to the time between when a threat actor enters a system and when that threat actor is detected or expelled.  Obviously, the more time a threat actor spends on a network, the more data is potentially compromised.  

That’s why continuous monitoring is crucial.  The sooner a threat is detected, the sooner action can be taken to expel the threat actor. In addition, you want to have a plan in place before threats happen so the time between detection and action is as low as possible. 

Armor currently boasts a dwell time 100x times faster than the industry average. It’s one of the many ways we deliver industry-best security outcomes for our customers.

There are three different types of clouds:  Public, Private and Hybrid:  

Public Cloud:  

In the public cloud model, storage and applications are provided online by service providers like Amazon Web Services (AWS) and Microsoft Azure.  The service provider bears the burden of hardware, housing and maintenance while the customer is responsible for their data and applications. 

Because they’re based entirely online, public clouds are inexpensive and easily scalable, making them a good choice for companies of all sizes. However, public clouds lack the ability to customize your solution and, on their own, present some security challenges as you are essentially handing over your sensitive data to a faceless stranger with servers in some remote location and sharing those resources with many other people and organizations.  

Your public cloud provider will secure the data center, physical servers and cloud management platforms, but you’re still responsible for the most sensitive elements, including data, operating systems and applications (see Shared Responsibility). 

Private Cloud: 

In the private cloud model, the cloud environment is used by only one business, and the infrastructure is usually purchased, maintained and housed by that organization, although there are service providers that offer private cloud hosting. 

Private clouds offer more control and customization and more robust security than public cloud options. However, private clouds tend to be expensive and lack the scalability offered by public cloud providers. 

Securing your private cloud requires establishing physical access controls, including a log of who enters that data center and when. In addition, it’s critical to update the physical hardware of your data center as technology advances and threats evolve. 

Hybrid Cloud 

In the hybrid cloud model, an organization uses a mixture of both public and private clouds.  

Hybrid clouds offer the best of both worlds with the obvious benefit being that a business can evaluate their needs and take advantage of the best parts of public and private clouds while avoiding the challenges of each.  For example, an organization can choose to host only their most critical data on on-site infrastructure but utilize a public cloud for less-sensitive information. There’s also the opportunity to host an application on a public cloud, employ multi-factor authentication for users and allow access to data on a private cloud, taking advantage of the best of both worlds.

View our HIPAA and PCI FAQ pages to learn more about compliance in the cloud. 

#####EOF##### Armor Threat Hunting

Armor Threat Hunting

Armor threat hunting is exactly what it sounds like: We hunt cyberthreats. To ensure our clients’ data is secure, the threat resistance unit (TRU) of our security operations center (SOC) actively searches and scans your network and hosts for indications that they have been compromised, while seeking threat intelligence on new and emerging cyberthreats from external sources. Most security-as-a-service (SECaaS) companies don’t have threat hunting integrated into their operations and most internal IT security teams are too resource-constrained to do so. At Armor, it’s part of our everyday security operations and any intelligence the TRU team gathers is added to our database and used to strengthen the defenses of all our clients.

Armor Threat Hunting Delivers Enhanced Protection and Active Security Measures

Response that Goes Beyond Alerting

Unlike traditional MSSPs, Armor goes beyond simple alerting to a potential problem; our SOC works with you to help investigate and respond to threats to your environment, applications, and data.

DEFENSE-IN-DEPTH AND ACTIVE DEFENSE

Included as part of all Armor’s cloud security solutions, Armor threat hunting adds an additional layer of protection to cover your network from threats internal and external. Threat hunting adds an active dimension to cloud security instead of relying solely on static measures such as access control lists, firewalls, intrusion detection systems (IDS), intrusion prevention systems, etc.

APPLIED THREAT INTELLIGENCE

Armor threat hunting uses the latest threat intelligence developed by Armor’s TRU team. Our experts apply up-to-the-minute knowledge of the TTPs threat actors use to find IoC.

Continuous Threat Hunting

Threat hunting serves as validation that your other security controls are working optimally to prevent and detect threats.

Armor Threat Resistance Unit

The TRU team’s mission is to stay one-step ahead of threat actors. Acting as Armor’s eyes and ears, TRU vigilantly pursues emerging cyberthreats and activities, monitoring the deep and dark webs, hacker forums, and pastebin sites (among others), for indicators that any of our clients are in danger of attack. Part of the Armor SOC, TRU is a force multiplier providing advanced notice and intelligence on potential cyberthreats, while enabling our SOC teams with tactics, methods, and countermeasures—intelligence applied—that strengthen their ability to see and respond to even the most sophisticated threats.

Assume the Breach

Effective threat hunting operations “assume the breach.” In other words, our TRU experts perform threat hunting with the notion that our clients have a threat operating in their environment and it’s their job to find it. This ensures that they are never complacent, always on the hunt, and maintaining an attacker’s mindset. They stay awake at night so you don’t have to.

WHY USE ARMOR

CHECK OUT WHY CUSTOMERS TRUST ARMOR FOR THREAT DETECTION, INCIDENT RESPONSE, AND COMPLIANCE MANAGEMENT.

Armor Threat Hunting Delivers Trusted Security

  • Enhance detection and put your security operations on a proactive security footing to search for threats that traditional
    security controls may have missed
  • Validate the effectiveness of existing security controls and raise your confidence that applications and data are truly
    secure
  • Get access to Armor’s elite security experts who monitor your environment 24/7/365
  • Go beyond alerting to get the answers and assistance you need when responding to potential incidents

What makes Armor solutions so complete, easy and effective against today’s cyber threats?

The Armor Spartan threat prevention and response platform is how Armor delivers security outcomes for our customers. The Armor Spartan platform is purpose-built to leverage the agility and speed of the cloud, scaling up to drive new community insights against an ever-changing threat landscape as well as scaling out to provide unified visibility across an ever-changing IT landscape.

#####EOF##### Farewell Audit Season; Hello Continuous Compliance - Armor

Farewell to Audit Season; Hello Continuous Compliance

October 13, 2017

Nancy Free | Chief Compliance and Data Privacy Officer

I fondly remember a time when “Audit Season” was just that — a season. Once a year, auditors would appear – with and without fanfare –- to thoroughly test our security controls. It was a consolidated, one-and-done process.

It was a magical time. But it wasn’t meant to last.

Before too long, driven by improvements in technology and consumer protections, Audit Season became every day. And I mean Every. Single. Day. The list of compliance standards, and their hundreds of seemingly unique requirements continued to grow, placing a strain on tried- and- true compliance processes.

The Pain of Surge Compliance

Surge compliance isn’t an industry term, but it paints a necessary picture. Whether it’s the constant burden of data requests, the lack of a defined, measurable, and repeatable approach to compliance, or actual issues found during the audit, those affected are trapped by the momentum of becoming or staying compliant.

Compliance attestation doesn’t have to work this way. Of course, you may never again see those halcyon days of an Audit Season, but you can at least break free of the surge and enact a continuous compliance program.

Breaking Out of Your Compliance Rut

To be continuously compliant means you’re fully aware of how your policies, processes and operations stack up against all your relevant standards. It means that your staff knows – and more importantly UNDERSTANDS – what is expected, how those expectations are addressed day-to-day and how to measure the effectiveness of those requirements. With a continuous compliance program, you’re ensuring that you’re ready for anything that is coming your way.

Seven Steps to Enacting Continuous Compliance

Image outlining Continuous Compliance Workflow steps

Aggregate

Know your business and your customers’ needs. What regulations or standards are each being held to achieving? How do those compare to one another?

Consolidate

Once you understand the needs of your business and your customers, consolidate those needs into a single control framework. Map the controls from all relevant frameworks against one another to better understand how performing an action once can achieve the requirements across many compliance standards.

Elevate

When you know the full population of needed controls, bubble them up to the more stringent requirement. By aiming for and achieving the higher standard, you’ll be covered for all lesser standards too. This will be your baseline control framework.

Calibrate

Ensure that your policies and procedures align with your new internal control framework. I find it helpful to include references within policies and procedures that tie into specific controls.

Educate

Educate your control owners on continuous compliance, from how the framework came together, how periodic self-assessments will be required to make sure things work as expected (and if not, to bring that to light for remediation) as well as how this reduces the surge that comes with each audit.

Innovate

It’s a beautiful thing when a control owner tells you “I don’t want to have to review 200 people with access to this system. I’m going to just remove access to all but those who REALLY need it.” Equally as endearing is the phrase, “You know, we have a tool in house than can be configured to look for non-compliance against these 10 controls. It’s repeatable and we can show completeness and accuracy to our auditors!” Excellent! By all means, let’s find ways to automate!

Administrate

Continuous compliance requires diligent maintenance. Regular consideration of new control frameworks or regulations is critical to ensure your internal control framework is current and that you’re keeping pace with your customers’ needs.

________________________________________

Read the “Farewell to Audit Season”  white paper for additional insight.

If your company has data stored in the public cloud, how confident are you that it is secure and compliant? #poll #cloud #cybersecurity @awscloud @Azure @GCPcloud

When you play the Game of Code, you win or you lose — maybe not your head, but money, clients and potentially, your business. Join us for a security demonstration that takes you behind enemy lines and shows you how a hacker can infiltrate your system.
https://t.co/CAzJmCsAir

"Eighty-seven percent of surveyed CEOs report they are investing in cybersecurity as a way to build trust with customers and clients."
https://t.co/RbBTQKb7kN

Load More...
Follow Armor On Twitter
#####EOF##### Professional Cloud Security Services - Armor

ADVANCED, HANDS-ON AND BY YOUR SIDE IF OR WHEN YOU NEED US.

Each secure cloud deployment is unique — and uniquely complex. That’s why Armor offers a range of advanced professional services. You may never need them, or, you might find them indispensable. In any event, we don’t take your trust lightly.

Unlike security tool vendors, Armor is not a DIY service. Our security specialists and certified engineers have a battle plan to determine the best way to implement, configure and monitor your secure environment — top to bottom.

The extent to which a cloud security strategy protects your organization is a function of how carefully it’s managed, monitored and optimized. Maximize efficiency, regain focus and operate with true peace of mind by offloading these duties to Armor’s proven experts.

To take charge, Armor solutions come with an impressive array of services. No cloud security provider in the industry can match these all-included offerings.

  • 60-day launch assistance
  • Security consultation
  • Engineers available 24/7/365 via ticket, phone or live chat
  • A dedicated account manager
  • Certified engineering and compliance analysis
  • A military-grade security operations center
  • Performance tuning

To eliminate concerns surrounding complex system implementation and migration, any of these advanced onboarding services can be added to our complimentary onboarding services:

  • Deployment planning
  • Health check and monitoring strategy
  • DBA on-demand
  • Data migration (over 10GB)
  • Load testing
  • Tuning assistance
  • V2V migration services

 

All Armor Professional Services are fully managed. Armor obtains, installs, licenses and fully manages all aspects of the service for your business, including creating custom policies and upgrading.

Don’t risk a loss of revenue and a drop in customer satisfaction to the unknown. Armor’s load testing services reveal the limits of your website or application, and, when used in conjunction with included application-performance monitoring, can help recommend how to optimize them.

 

All managed load testing options are available as a one-time test or as a monthly subscription providing up to four tests per month.

Log management is a regimented practice. Regulatory guidelines like PCI and HIPAA require specific activity logging and retention to achieve and maintain compliance. Log analysis is a key tool in helping discover the root cause for a variety of diverse problems, particularly during compliance audits.

By consolidating, normalizing and delivering logs to key personnel or departments, businesses can conduct in-depth analysis of activities.

  • Diagnose and resolve Web application problems quickly
  • Discover conclusive evidence if a security incident arises
  • Identify and remediate inappropriate use of privileged accounts
  • Define user behavior and craft promotions, content and UIs that improve conversion

 

Log management services include a 12-month retention policy.

#####EOF##### Armor Security-as-a-Service - Armor

Armor Anywhere

Cloud-delivered security to protect your hybrid, cloud, and on-premise workloads

Many businesses have trouble keeping up with today’s dynamic cyberthreat landscape. As a result, security-as-a-service (SECaaS) providers have stepped in to help organizations protect their networks, cost-effectively and reliably. Instead of playing whack-a-hack by purchasing new tools and spending countless hours trying to hire and retain top talent, SECaaS gives you the freedom to focus on your business, while placing cybersecurity in expert hands.

Armor Anywhere not only provides cost savings around the tools necessary to secure your environment, but it places you under the protection of Armor’s security operations center (SOC) that keeps watch over your systems 24/7/365. Our SOC members have years of experience in cybersecurity, many trained and entrusted to protect government and civilian data and workloads. The Threat Resistance Unit (TRU), a part of the SOC, is our internal threat hunting team that seeks cyberthreats inside and out of Armor’s cloud infrastructure and its clients’ other IT environments. Armor provides world-class SECaaS for more than 1,000 organizations—from picking and deploying the right tools to incident response (IR) and remediation, Armor’s got your SECaaS covered.

What is security-as-a-service?

SECaaS is a business model in which a vendor (e.g., Armor) provides security services on a subscription basis. Many organizations choose “as-a-service” platforms because the cost of building their own infrastructure is prohibitive and the expertise needed to manage it is difficult to find, hard to keep, and expensive.

Top Reasons to choose Armor as your Security-as-a-Service

Not enough cybersecurity talent

51% The amount of organizations that face a
cybersecurity skills shortage, with demand projected to increase. — Palo
Alto Networks

Onerous alert management

2 Billion Total cloud-related events generated per month
by an average
enterprise — Sky
High Networks

Overwhelming number of security tools

75 The number of security products an average enterprise
uses to secure
their network. — CSO

Cheaper and more effective than DIY

286% ROI with payback in 4 months — Forrester

The Benefits of Armor

Opting for a SECaaS solution with Armor means organizations install the Armor Anywhere agent on their network to monitor the security of their infrastructure. Armor Anywhere works across architectures—public, private, or hybrid cloud, or on-premise IT environments—and can address any cybersecurity need. Save money and overcome staffing and skills gaps by outsourcing day-to-day security functions to a SECaaS provider.

Armor Anywhere’s SECaaS solution provides clients with:

INTRUSION DETECTION

With visibility to inbound and outbound activity at the host, Armor inspects anomalous traffic against predefined policies – detecting attacks like generic SQL injections, generic XSS attacks, DoS and generic web app effects. This service provides an agent-based Intrusion Detection System on the installed host for network traffic analysis and reporting based around policies defined by Armor.

File Integrity Monitoring

FIM is designed to monitor critical system file locations and alert you when your files have changed. It also monitors critical operating system (OS) files for changes that may allow threat actors to control your environment. FIM uses OS-specific policies and provides Armor with log visibility to assist in reviewing security events.

Vulnerability Scanning

Armor scans for potential points of risk to help reduce the surface area of attack. Weekly scheduled scans provide you a visible audit report to identify the vulnerabilities that attackers could use to penetrate your network, so you can develop your remediation plan.

Patch Monitoring

Patch Monitoring provides visibility into your environment to identify critical OS-level patches for resolution. Armor provides visibility into your environment running the Armor Anywhere agent, so you can ensure your OS is consistently up to date.

Malware Protection

Armor protects your environment from harmful malware and botnets deployed to capture your data, monitor your activity or leverage your servers for illicit activity. In the event an alert is created, Armor’s threat analysts begin an in-depth investigation. Armor uses an enterprise-class malware protection application and deploys the application agent within the Armor Anywhere agent.

LOG MANAGEMENT

Log Management captures and documents, analyzes and reports on log events from firewalls, servers, OS logs, and other applications to determine their validity and severity. Customers can view 30 days of logs in AMP and store up to 13 months of log events consistent with applicable regulatory requirements.

CONTINUOUS THREAT HUNTING

Proactive hunting within our data lake identifies threat actor activity not alerted to by our SIEM leveraging the research and expertise of Armor’s Threat Resistance Unit team as well as threat intelligence derived from a variety of sources.

BRAND AND REPUTATION MONITORING (DTB/IPRM)

Monitors public and deep and dark webs for threat activity against our Armor customer base using a mix of automation and targeted threat research.

Armor Security-as-a-Service: Just Say "Yes!"

Access to the latest tools, without having to worry about updates

WAF, FIM, IDS, malware protection, etc.

Top Security Talent Working on Your Behalf

On average, 22 years of IT experience and 12 years in security.

Efficient & effective

Save money with Armor’s $99 per workload rate. You’ll be an OpEx hero to your organization, helping achieve 286% ROI.

Fast turnup

Install all your security controls in one day.

Less management

Focus on what you do best, building applications to grow your business.

Armor Security-as-a-Service vs Traditional MSSP

CapabilitiesArmor AnywhereTraditional MSSP
TechnologyCloud-delivered Agent/No HardwareAppliance/Hardware
Ease of implementation (DevOps-ready)<2 minutesAverage 45 days
Protection, detection, and response99.999% Threats Blocked, Response IncludedAlerting ONLY
Average time to detect & eliminate threats1 Day99 Days
Visibility & threat management environments (On-Premise, Cloud, and Hybrid)✓On-Premise Only
Audit-ready compliance (HIPAA, HITRUST, PCI, GDPR)✓No
Consumption-based pricing✓Fixed, Contract
Patching✓Client Owns

WHY USE ARMOR

CHECK OUT WHY CUSTOMERS TRUST ARMOR FOR THREAT DETECTION, INCIDENT RESPONSE, AND COMPLIANCE MANAGEMENT.

Armor Solutions: Making Cloud Security Simple and Effective

Spartan is the IT security industry’s leading threat prevention and response platform. Armor integrates advanced analytics, global threat intelligence, and continuous response capabilities into a single platform that bolsters your defenses, uncovers hidden threats, and prevents security breaches. Whether your sensitive data and workloads are stored in a private, public, or hybrid cloud—or in an on-premise IT environment—Spartan provides a proactive approach to cyberthreats.

#####EOF##### Vulnerability and Security Gap Analysis Tool - Armor

Get started on closing your gaps in the security loop today.

This tool will to help you identify the problems in the way your business currently manages and secures data in the cloud, and help you get started on fixing them.

Using the NIST Cybersecurity Framework, and expertise from our elite security operations center, we designed this benchmarking tool to help you identify security gaps in your current cloud hosting strategy.

Take The Assessment

#####EOF##### Armor Blog - Armor Cyber Security

Latest Blog Posts

Apr 42019

Learnings from Analysis of 11 Major Misconfiguration Incidents

| Senior Product Marketing Manager

As we continue to discuss Cloud Security Posture Management (CSPM) tools as they evolve in the marketplace and within our own portfolio, it’s also necessary to consider why they’re important. With that in mind, let’s take a look at some context on major data breaches making headlines over the past couple of years, including Dow […]

David Lorti Image

David Lorti

Senior Product Marketing Manager

David Lorti is a Senior Product Marketing Manager at Armor. He is responsible for market and competitive analysis, sales enablement and go-to-market for new Armor offerings related to Armor’s Armor Anywhere solution. He has long-standing experience in the cybersecurity and technology industry launching cloud security and managed security, security and risk consulting, threat intelligence and incident response offerings. He graduated with a Masters of International Management from Thunderbird School of Global Management and a Bachelor of Arts from Arizona State University.

Apr 22019

Benefits of Multifactor Authentication

| Director of Product Marketing

With the continued rise of cyberincidents over the past decade, it’s apparent that hacking has become big business for cybercriminals. This has led to significant financial loss for consumers and enterprises that have fallen victim to data breaches. While there’s no silver bullet to data security in today’s increasingly sophisticated threat landscape, it also shouldn’t […]

Ryan Smith

Director of Product Marketing

With 10 years of experience, Ryan Smith serves as Director of Product Marketing at Armor; he is passionate about telling stories about how companies are achieving security and compliance in the cloud. Ryan regularly speaks nationwide at conferences, user groups, and special events on the topics of cloud security, compliance – PCI, HIPAA, and GDPR, and developing secure cloud architectures. Previously, he served as a Sr. Product Manager focused on bringing Armor Anywhere (a managed, scalable security solution that protect virtual machine instances hosted on public, private, hybrid or on-premise cloud environments) and its future iterations to market; he also has been an integral part of developing Armor’s compliance matrix mappings and the industry defining cloud adoption framework for HIPAA compliance. At prior companies, he served as the Founder, Head of Product or Marketing Manager for various SaaS businesses. Ryan holds a PhD in Mass Media and Communication Studies from European Graduate School.

Mar 282019

Protecting Your Virtual Assets from Physical Threats

| Senior Ethical Hacker

Where there’s a will, there’s a way—and, for black hat hackers, there’s always a will and a way to get what they’re after. As a decision maker or IT professional in your organization, you’ve likely set up strong defenses against virtual threats facing your network, such as phishing, social engineering, business email compromise scams, etc. […]

Geoffrey Pamerleau

Senior Ethical Hacker

Geoffrey Pamerleau joined Armor as a senior ethical hacker bringing 10 years of expertise in IT and cyber security to the Threat Resistance Unit (TRU). Before joining Armor, Geoff was a Computer Network Operator for the NSA, where he was tasked with performing computer network exploitation operations. He served in the United States Air Force with distinction as a Cyberspace Operations Officer. Prior to his commission, Geoff received a Bachelor’s in Computer Science with a focus on Cyberwarfare from the United States Air Force Academy. While there, Geoff was a member of the Academy’s Cyber Warfare Club and competed in National and International information security competitions. Geoff has certifications in incident handling and penetration testing from SANS and Offensive Security. (GCIH, GPEN, and OSCP).

View all Armor blog posts

Foundation

About Foundation

If you're new to the field and want to get your feet wet, this is the hub for everything basic about cloud and cybersecurity.

Apr 42019

Learnings from Analysis of 11 Major Misconfiguration Incidents

| Senior Product Marketing Manager

As we continue to discuss Cloud Security Posture Management (CSPM) tools as they evolve in the marketplace and within our own portfolio, it’s also necessary to consider why they’re important. With that in mind, let’s take a look at some context on major data breaches making headlines over the past couple of years, including Dow […]

David Lorti Image

David Lorti

Senior Product Marketing Manager

David Lorti is a Senior Product Marketing Manager at Armor. He is responsible for market and competitive analysis, sales enablement and go-to-market for new Armor offerings related to Armor’s Armor Anywhere solution. He has long-standing experience in the cybersecurity and technology industry launching cloud security and managed security, security and risk consulting, threat intelligence and incident response offerings. He graduated with a Masters of International Management from Thunderbird School of Global Management and a Bachelor of Arts from Arizona State University.

Apr 22019

Benefits of Multifactor Authentication

| Director of Product Marketing

With the continued rise of cyberincidents over the past decade, it’s apparent that hacking has become big business for cybercriminals. This has led to significant financial loss for consumers and enterprises that have fallen victim to data breaches. While there’s no silver bullet to data security in today’s increasingly sophisticated threat landscape, it also shouldn’t […]

Ryan Smith

Director of Product Marketing

With 10 years of experience, Ryan Smith serves as Director of Product Marketing at Armor; he is passionate about telling stories about how companies are achieving security and compliance in the cloud. Ryan regularly speaks nationwide at conferences, user groups, and special events on the topics of cloud security, compliance – PCI, HIPAA, and GDPR, and developing secure cloud architectures. Previously, he served as a Sr. Product Manager focused on bringing Armor Anywhere (a managed, scalable security solution that protect virtual machine instances hosted on public, private, hybrid or on-premise cloud environments) and its future iterations to market; he also has been an integral part of developing Armor’s compliance matrix mappings and the industry defining cloud adoption framework for HIPAA compliance. At prior companies, he served as the Founder, Head of Product or Marketing Manager for various SaaS businesses. Ryan holds a PhD in Mass Media and Communication Studies from European Graduate School.

Mar 282019

Protecting Your Virtual Assets from Physical Threats

| Senior Ethical Hacker

Where there’s a will, there’s a way—and, for black hat hackers, there’s always a will and a way to get what they’re after. As a decision maker or IT professional in your organization, you’ve likely set up strong defenses against virtual threats facing your network, such as phishing, social engineering, business email compromise scams, etc. […]

Geoffrey Pamerleau

Senior Ethical Hacker

Geoffrey Pamerleau joined Armor as a senior ethical hacker bringing 10 years of expertise in IT and cyber security to the Threat Resistance Unit (TRU). Before joining Armor, Geoff was a Computer Network Operator for the NSA, where he was tasked with performing computer network exploitation operations. He served in the United States Air Force with distinction as a Cyberspace Operations Officer. Prior to his commission, Geoff received a Bachelor’s in Computer Science with a focus on Cyberwarfare from the United States Air Force Academy. While there, Geoff was a member of the Academy’s Cyber Warfare Club and competed in National and International information security competitions. Geoff has certifications in incident handling and penetration testing from SANS and Offensive Security. (GCIH, GPEN, and OSCP).

View all Foundation blog posts

Technical

About Technical

Tailored specifically for IT, security and DevOp pros, our Technical blogs get you into the nitty gritty details.

Apr 42019

Learnings from Analysis of 11 Major Misconfiguration Incidents

| Senior Product Marketing Manager

As we continue to discuss Cloud Security Posture Management (CSPM) tools as they evolve in the marketplace and within our own portfolio, it’s also necessary to consider why they’re important. With that in mind, let’s take a look at some context on major data breaches making headlines over the past couple of years, including Dow […]

David Lorti Image

David Lorti

Senior Product Marketing Manager

David Lorti is a Senior Product Marketing Manager at Armor. He is responsible for market and competitive analysis, sales enablement and go-to-market for new Armor offerings related to Armor’s Armor Anywhere solution. He has long-standing experience in the cybersecurity and technology industry launching cloud security and managed security, security and risk consulting, threat intelligence and incident response offerings. He graduated with a Masters of International Management from Thunderbird School of Global Management and a Bachelor of Arts from Arizona State University.

Dec 52018

Supply Chain Attacks

| Senior Threat Intel Analyst

Trusting third-parties in order to quickly add infrastructure and/or expertise to your business has become a common and, in many cases, essential business practice. These trust relationships are usually built upon agreements that both parties will do their part in a responsible manner. While that may be the case, businesses in different verticals often have […]

Corey Milligan

Senior Threat Intel Analyst

Corey has more than 18 years of IT experience. Before coming to Armor, he worked his way up the Army ranks, retiring as a Chief Warrant Officer and one of the Army’s first Cyber Operations Technicians. He holds some of the industries most sought after certifications including CISSP, GCIA, GNFA, and GCTI. As a member of Armor’s Threat Response Unit, Corey provides threat intelligence support to the SOC and other divisions as needed, enhancing their efforts by collecting and analyzing open and closed source threat intelligence feeds, reporting on priority threats, identifying IOCs in support of network monitoring and incident response, and analyzing logs to identify hidden threats.

Dec 42018

Diving Deeper into Man-in-the-Middle and Brute Force Attacks

| Senior Security Architect

There is no shortage of ways for attackers to try to compromise an organization’s IT environment or an individual’s computer. From cross-site scripting to social engineering, the tactics of today’s attackers will sound familiar to cybersecurity researchers and victims alike. However, the most effective cyberattacks are often not the most sophisticated, as capturing low-hanging fruit […]

Chris Hinkley, OSCP, CISSP

Senior Security Architect

As senior security architect of Armor, Chris Hinkley utilizes a decade of security expertise to design, test and deploy next generation security processes and techniques for the cloud. His work at Armor was instrumental in Armor being one of the first cloud companies globally to achieve PCI DSS compliance. Prior to Armor, Hinkley worked as a Web Developer for TargetScope, an interactive marketing and Web development company. In that role he created everything from website animations to complex and dynamic product configurations using the latest technology and development frameworks. With Armor, Hinkley has held a number of security and technology-related roles, including security engineer, lead engineer and support manager. In those roles he has serviced thousands of FireHost customer servers, including Windows and Linux, and overseen the security of all hosting environments to meet PCI, HIPAA and other compliance guidelines. Hinkley is a sought after speaker and author on cloud, security and open source topics, publishing regular columns in SecurityWeek and other industry magazines. Hinkley is a Certified Information Systems Security Professional (CISSP).

View all Technical blog posts

Compliance

About Compliance

A compliance experts dream. We provide you with a complete breakdown of compliance and cybersecurity issues.

Apr 42019

Learnings from Analysis of 11 Major Misconfiguration Incidents

| Senior Product Marketing Manager

As we continue to discuss Cloud Security Posture Management (CSPM) tools as they evolve in the marketplace and within our own portfolio, it’s also necessary to consider why they’re important. With that in mind, let’s take a look at some context on major data breaches making headlines over the past couple of years, including Dow […]

David Lorti Image

David Lorti

Senior Product Marketing Manager

David Lorti is a Senior Product Marketing Manager at Armor. He is responsible for market and competitive analysis, sales enablement and go-to-market for new Armor offerings related to Armor’s Armor Anywhere solution. He has long-standing experience in the cybersecurity and technology industry launching cloud security and managed security, security and risk consulting, threat intelligence and incident response offerings. He graduated with a Masters of International Management from Thunderbird School of Global Management and a Bachelor of Arts from Arizona State University.

Mar 212019

The Ripple Effect of GDPR: Webinar

| Senior Counsel and Director of the Legal Department

In May 2018, the European Union (EU) enacted the General Data Protection Regulation (GDPR), a sweeping overhaul of the EU’s data privacy laws that reshaped the way organizations across the region and globe approach data privacy. In two previous blogs—The Aftershock of GDPR, Part 1 and Tokenization + Security-as-a-Service, Part 2—we provided an overview of […]

Skyla Johnson Image

Skyla Johnson

Senior Counsel and Director of the Legal Department

Skyla R. Johnson is Senior Counsel and Director of the Legal Department at Armor Defense Inc., an international cyber security organization where she serves as lead security and privacy counsel. Skyla has worked extensively in matters involving complex data security and data privacy law issues, including advising companies when responding to security breach incidents. During her career she has also served as in-house counsel for large companies in both the technology and financial services industries. Skyla earned her J.D. from Southern University Law Center, and her B.A. in economics from Howard University. She is admitted to the Texas Bar.

Feb 212019

Certified Compliant vs. Actually Compliant

| Chief Compliance and Data Privacy Officer

You’ve heard the chorus from CISO’s and cybersecurity professionals alike: “Compliance does not equal security.” Is it really true? Compliance is more of a minimum baseline to give reasonable assurance that companies are taking the basic steps to protect data. The bigger question is, are companies really compliant? Or are they doing just enough to […]

Nancy Free

Chief Compliance and Data Privacy Officer

Nancy Free, Armor's Chief Compliance and Data Privacy Officer, has over 20 years of IT experience, including IT governance, risk, compliance, and audit. She has spent over 15 years in the IT Security field leading IT and compliance teams in a variety of industries, including: energy, transportation, construction, mortgage lending, healthcare, and retail.

View all Compliance blog posts

Executive

About Executive

Sometimes, you need the C-Suite level jargon and focus, dive into this section to learn how cybersecurity affects broader business operations.

Apr 42019

Learnings from Analysis of 11 Major Misconfiguration Incidents

| Senior Product Marketing Manager

As we continue to discuss Cloud Security Posture Management (CSPM) tools as they evolve in the marketplace and within our own portfolio, it’s also necessary to consider why they’re important. With that in mind, let’s take a look at some context on major data breaches making headlines over the past couple of years, including Dow […]

David Lorti Image

David Lorti

Senior Product Marketing Manager

David Lorti is a Senior Product Marketing Manager at Armor. He is responsible for market and competitive analysis, sales enablement and go-to-market for new Armor offerings related to Armor’s Armor Anywhere solution. He has long-standing experience in the cybersecurity and technology industry launching cloud security and managed security, security and risk consulting, threat intelligence and incident response offerings. He graduated with a Masters of International Management from Thunderbird School of Global Management and a Bachelor of Arts from Arizona State University.

Jan 152019

Cybersecurity for Accounting & Finance Leaders– Embark Partner Blog

It’s the new year, which means new budgets for enterprises! With cyberattacks being one of the top 3 financial risks facing businesses today, financial leaders can ill-afford to overlook cybersecurity as a serious component of 2019 planning. We recently teamed up with our partners at Embark to develop the following blog providing best practices for […]

Guest Author Image

Guest Author

Guest authors comprise of Armor's strategic partners, technology partners, clients and experts in the cybersecurity industry.

Jan 102019

Effective Internal Audit Procedures Strengthen Your Cybersecurity – Embark Partner Blog

Are you haunted by all the need-to-be-checked boxes that come with an audit? Internal auditors know that not meeting compliance equals more than just a hefty fine, it also opens doors for hackers to infiltrate your environment. We recently teamed up with our partners at Embark to bring you a blog filled with guidelines on […]

Guest Author Image

Guest Author

Guest authors comprise of Armor's strategic partners, technology partners, clients and experts in the cybersecurity industry.

View all Executive blog posts
#####EOF##### Cloud Security Services for any Industry - Armor

Different industries, different rules — but the need for security never wavers.

Armor simplifies the struggle of data-driven organizations in every industry to effectively defend themselves against active cyber threats while also remaining compliant. Regardless of your HIPAA or PCI DSS-compliant needs, we reduce your burden and help you exceed regulatory requirements.

Learn how Armor’s managed security services solve industry-specific data security challenges.

Armor Certifications

Verified and validated. Across all industries.

Healthcare

HIPAA via HITRUST

Armor Complete for Healthcare is a secure cloud infrastructure built specifically to be HIPAA-compliant via HITRUST. It provides a safe haven for electronic healthcare records (EHR), electronic protected healthcare information (ePHI) and other sensitive data. Trust in our HITRUST-Certified services to help you become HIPAA-compliant in the cloud.

Armor has built its infrastructure specifically for security. It’s HIPAA-compliant and has helped us streamline the scope of our own internal audits.

Hitrust Logo
Michael Frederick, Vice President, HITRUST

Payment

PCI DSS

Armor for Payments is a secure, PCI DSS-compliant cloud that isolates critical data from the rest of an IT infrastructure by applying our unique approach to managed cloud security – preventing devastating data breaches. Our PCI-compliant services pass on inherited security controls to your critical cloud workloads and application.

When dealing with payments and security, you never want to count pennies. And your customers don’t want you to. At the end of the day, it was the team at Armor that gave us the feeling that they were experts and serious about security.

FTNI logo
Kurt Matis, CEO, FTNI

Intellectual Property

Armor Complete’s multi-layered security stack doesn’t just help organizations looking to be HIPAA- or PCI-compliant. This managed cloud solution also protects intellectual property by helping organizations manage access to their customer’s most valuable asset – their ideas.

By putting our trust in Armor, we returned our focus to our primary business: developing a revolutionary secure media platform. Selecting Armor immediately gave us credibility with regards to our back-end security.

Armored Info Logo
Michael Fahey, Founder and CEO, Armored Info

Regulatory Compliance

Our innovative cloud security solutions are built with the highest level of data protection in mind and are capable of meeting any regulatory or compliance standard.

One major component of Innovum’s security posture is Armor Anywhere. Innovum needs to provide the active, around-the-clock monitoring that is needed when storing sensitive personal data in a database, and needs to react quickly to any suspicious activity.

Innovum Logo
Mark D. West, CEO, Innovum
#####EOF##### Managed Security-as-a-Service Solution - Armor Anywhere
Armor Anywhere logo

Armor Anywhere: Making Cloud Security Simple. Anytime. Anywhere.

Armor Anywhere is a managed SECaaS platform. It strengthens and unifies your on-premise, public, private, and hybrid cloud environments. Armor makes security simple for our clients by managing the day-to-day issues of running a cybersecurity team and all the technology and tools they need to be effective. The Armor Anywhere agent will prepare your IT infrastructure for any attacks through security defenses that enable you to prevent, detect, and respond to cyberthreats in real-time—at a fraction of the cost of traditional solutions.

Armor Anywhere not only provides cost savings, but it saves time as well. In under two minutes you can be protected by the Armor suite of technology tools and security controls—backed by a security operations center (SOC) that keeps watch over your systems 24/7/365.

The people of the Armor SOC have years of experience in cybersecurity, many trained and entrusted to protect government and civilian data, workloads, and security. The Threat Resistance Unit (TRU), a part of the SOC, is our internal threat hunting team that seeks cyberthreats inside and out of Armor’s cloud infrastructure and its clients’ other IT environments. Working closely with outside groups they help end virus and malware epidemics; create signatures and countermeasures, applying them cross-platform; and help Armor clients, the cybersecurity community, and ultimately anyone who uses the internet (basically, the world).

Data Sheets

Armor Anywhere Technical Solution Brief

Armor Anywhere delivers a managed security-as-a-service that fortifies and unifies your on-premise, cloud and hybrid IT security defenses.

admin Image

admin

ARMOR ANYWHERE IS END-TO-END CYBERSECURITY—SIMPLIFY YOUR SECURITY AND YOUR LIFE:

  • Unified protection and visibility—Armor Anywhere provides cybersecurity management through our threat prevention and response platform, which is powered by our experts in the Armor SOC, including the Threat Resistance Unit team. Keep track of your security measures and countermeasures, view analytics, and run reports through the Armor management portal (AMP), which offers single-pane-of-glass visibility across all your architectures, whether on-premise or in the cloud.
  • Continuous Detection and Response—The SOC teams work together to ensure our database is continuously updated with the latest cyberthreats—viruses, malware, phishing scams, cryptojacking and mining software, etc.—regularly improving our white- and blacklists, as well as providing end-to-end prevention, detection, and response services to our clients. We don’t just alert you to a problem—we stick with you to the end. Our SOC and Threat Resistance Unit ensure your environment is free of invaders by eradicating existing ones, while implementing countermeasures to defend against future attacks.
  • Audit Ready Compliance—Provides audit-ready compliance for PCI DSS, HIPAA and HITRUST CSF, and GDPR. You have access to time-tested compliance experts 24/7/365
  • Swift and Scalable Deployment—Once the Armor Anywhere agent is deployed, your environment is fully protected in under two minutes. Armor Anywhere is designed to protect your on-premise IT environment, as well as any workloads stored in public, private, and hybrid cloud environments.

Why DevOps Loves Armor Anywhere

  • Cloud-delivered
  • Scales with the environment
  • Supports public, private, and hybrid cloud architectures, as well as on-premise environments
  • Delivers audit-ready compliance
  • Migration-friendly

Armor Anywhere: What does it do?

Thanks for asking! Armor Anywhere provides:

INTRUSION DETECTION

With visibility to inbound and outbound activity at the host, Armor inspects anomalous traffic against predefined policies – detecting attacks like generic SQL injections, generic XSS attacks, DoS and generic web app effects. This service provides an agent-based Intrusion Detection System on the installed host for network traffic analysis and reporting based around policies defined by Armor.

File Integrity Monitoring

FIM is designed to monitor critical system file locations and alert you when your files have changed. It also monitors critical operating system (OS) files for changes that may allow threat actors to control your environment. FIM uses OS-specific policies and provides Armor with log visibility to assist in reviewing security events.

Vulnerability Scanning

Armor scans for potential points of risk to help reduce the surface area of attack. Weekly scheduled scans provide you a visible audit report to identify the vulnerabilities that attackers could use to penetrate your network, so you can develop your remediation plan.

Patch Monitoring

Patch Monitoring provides visibility into your environment to identify critical OS-level patches for resolution. Armor provides visibility into your environment running the Armor Anywhere agent, so you can ensure your OS is consistently up to date.

Malware Protection

Armor protects your environment from harmful malware and botnets deployed to capture your data, monitor your activity or leverage your servers for illicit activity. In the event an alert is created, Armor’s threat analysts begin an in-depth investigation. Armor uses an enterprise-class malware protection application and deploys the application agent within the Armor Anywhere agent.

LOG MANAGEMENT

Log Management captures and documents, analyzes and reports on log events from firewalls, servers, OS logs, and other applications to determine their validity and severity. Customers can view 30 days of logs in AMP and store up to 13 months of log events consistent with applicable regulatory requirements.

CONTINUOUS THREAT HUNTING

Proactive hunting within our data lake identifies threat actor activity not alerted to by our SIEM leveraging the research and expertise of Armor’s Threat Resistance Unit team as well as threat intelligence derived from a variety of sources.

BRAND AND REPUTATION MONITORING (DTB/IPRM)

Monitors public and deep and dark webs for threat activity against our Armor customer base using a mix of automation and targeted threat research.

THE SHARED SECURITY RESPONSIBILITY MODEL

Shared responsibility is key to ensuring your cloud workloads are protected from cybercriminals and their attacks. Listen to me now and hear me later (or listen now and hear me now and later—just make sure you hear me) this is incredibly important: You cannot rely solely on your cloud providers’ (i.e., Amazon Web Services (AWS), Microsoft Azure, Google Cloud Platform) native security controls. All public cloud providers operate under the shared responsibility model, which means that you are responsible for supplementing the providers’ cloud native security controls with a layer of external security controls. We are highlighting this because a recent social media poll we conducted, #ArmorU, showed an alarming number of respondents 47% were woefully uninformed about shared responsibility and, therefore, leaving themselves vulnerable to potential breaches and data theft.

Don’t panic! Just pick up the phone and call us, hop on our chat program, send an email—we even accept post by carrier pigeon (just like Mike Tyson).

Armor Anywhere provides the additional layer of security each cloud providers’ shared responsibility model requires (and then some), while simplifying cloud deployments and security control management. We even ensure you have access to the SOC 24/7/365—real people—who move past alerting to help you contain and remediate any threat actors in your environment or attempting to breach your defenses.

Data Sheets

Armor Anywhere: Shared Responsibility

Armor Anywhere makes it easy to balance security, cost-effectiveness and cloud accessibility.

Shared Responsibility Is Your Responsibility

Each cloud provider has different requirements regarding the shared responsibility model and Armor Anywhere can get you there; we work as partners with the large cloud providers. The following datasheets detail the nuances of meeting each platform’s (and your) cybersecurity needs.

Amazon Web Services (AWS)

Microsoft Azure

Google Cloud Platform

Armor Anywhere—Powered by our threat prevention and response platform

Wait, What Is A Platform?

At Armor, and in the broader technology industry, when we say “platform,” “our platform,” or “powered by a platform,” we don’t mean a physical entity, a stage—it is simply a metaphor to describe all the people, processes, tools, and technology that make up Armor’s solutions and empower them to protect our clients. So, when we talk about the Armor platform, we are talking about the following, and more:

  • People—SOC members, Threat Resistance Unit team, any employees that deal with the threat prevention and response part of our business
  • Tools and Technology—dynamic threat blocking (DTB), our IP reputation management service (IPRM), including blacklists and whitelists; log management; vulnerability scanning; malware detection and blocking; intrusion detection and prevention services (IDS/IPS)—both NIDS (network layer) and HIDS (host layer); etc.
  • Services—Threat hunting, 24/7/365 access to our SOC, incident response and forensics (IRF), business continuity and disaster discovery (BC/DR),

 

Spartan—The Armor Platform

Now that you know a little bit more about the meaning of platform in a tech context, we’d like to give you a visual description to help you understand exactly how all those things tie together to protect your sensitive data and workloads—whether on-premise or in any form of cloud architecture. The graphic below shows how the Armor platform works. You can also visit the Spartan page for more detailed information on how each component works together to provide 24/7/365 protection for your workloads.

Traditional MSSP vs Armor Offerings

CapabilitiesTraditional MSSPArmor Anywhere
TechnologyAppliance/HardwareCloud-delivered Agent/No Hardware
Ease of Implementation (DevOps-ready)Average 45 days<2 minutes
Protection, Detection, and ResponseAlerting ONLY99.999% Threats Blocked, Response Included
Average Time to Detect and Eliminate Threats99 Days1 Day
Visibility & Threat Management-Environments (On-Premise, Cloud, and Hybrid)On-Premise Only✓
Audit-Ready Compliance (HIPAA, HITRUST, PCI, GDPR)No✓
Pay for only what you useFixed, Contract✓
PatchingClient Owns✓

ARMOR MANAGEMENT PORTAL

The Armor Management Portal (AMP) provides you with a single-pane-of-glass visibility into your security program providing real-time visibility and management of your security controls.

Security Metrics to Benchmark Your Success
Integrated within AMP, the Security Analytics dashboard delivers real-time visibility powered by advanced correlation and analytics to help you make smarter decisions.

Angled screenshot of Armor Security Dashboard
#####EOF##### Benefits of Multifactor Authentication - Armor

Benefits of Multifactor Authentication

April 02, 2019

Ryan Smith | Director of Product Marketing

With the continued rise of cyberincidents over the past decade, it’s apparent that hacking has become big business for cybercriminals. This has led to significant financial loss for consumers and enterprises that have fallen victim to data breaches.

While there’s no silver bullet to data security in today’s increasingly sophisticated threat landscape, it also shouldn’t be easy for malicious actors to infiltrate your network. One way to effectively protect your information is to employ multifactor authentication (MFA) controls within your security program, especially for your business-critical data.

Defining Multifactor Authentication

MFA is a security measure that allows access to an account, application, or device only after the user presents 2 or more distinct pieces of evidence that authenticate his or her ownership of that account. One common example you may not recognize as MFA is withdrawing money from an ATM. You need both your debit or credit card and PIN to get cash from the machine. In this case, the physical ATM card and PIN are the authentication factors.

MFA uses a combination of 2 or more of the 3 types of authentication factors:

  • Knowledge – what you know (e.g. password, PIN)
  • Possession – what you have (e.g. smartphone, USB token)
  • Inherence – what you are (e.g. biometrics)

Requiring the use of 2 or more of these of these factors dramatically increases the security of the assets.

Although MFA can be a complicated and possibly cumbersome process, it’s worth considering as it offers extra layer(s) of security for your organization. Even if a hacker is able to get hold of your password, they still do not have access to your thumbprint, verified text code or any other secondary or tertiary authentication factor needed to gain access to the data they’re after.

Passwords Alone Don’t Work

For years, passwords have unarguably been the most common and convenient way of securing information. However, passwords alone just don’t get the job done anymore. With an array of sophisticated tools and knowledge at the fingertips of today’s cybercriminals, passwords have become far too vulnerable. While passwords are still a best practice, and should be used as a first line of defense, they can be easily cracked in a matter of minutes.

Using MFA as a requirement for gaining access to websites, apps, devices, accounts, networks, and other secure systems not only minimizes the risk for both end users and organizations, but also reduces the burden on IT departments and administrators.

Common Methods of Multifactor Authentication

As previously mentioned, MFA is any combination of what you know, what you have, and what you are. The first credential used to validate the user is typically knowledge­—or what you know—such as a username and password. The second and third authentication factors are what you have and/or what you are, which are ideally more difficult to provide vs. a username and password. There are a myriad of ways to verify what you have and what you are, including:

What you have –

  • SMS-based One-time Password (OTP). When a user logs in to an account or network an OTP is sent as a text message to the phone number registered with the account. Entering the OTP satisfies the possession factor as it shows that the user has complete control over the trusted and listed phone number the OTP was sent to.
  • Time-based One-time Password (TOTP). Similar to the OTP method above, TOTP provides the user a one-time-use passcode. However, instead of receiving the code via text, the user is required to scan a QR or barcode to acquire the unique 4-to-8-digit passcode using a smartphone. True to its name, another difference from the OTP method is that the password in TOTP is time-based. A new passcode is regenerated every 30 to 60 seconds and is valid only within that duration until a new code is created.
  • HMAC-based One-time Password (HOTP). HOTP works the same as TOTP except that the password is not time-based. Rather, the code is based on the algorithm of the secret key and a hash-based message authentication code (HMAC) generated on a security token. The algorithm is event-based, meaning the counter on the token changes when an existing OTP is validated. Because of this, there may be more than one OTP valid at any given time in HOTP. This is its main difference from the TOTP method.
  • Email Code Method. This method follows the same principle as that of the SMS code, except that the one-time password is via email vs. text message. This may not be the most secure method however, as it doesn’t require physical access to an independent device, and email accounts are particularly vulnerable to hacking.
  • Security tokens. Other than a pre-registered phone that receives and generates OTP codes (also known as software tokens), one-time passwords may also be created using security tokens. Also known as hardware tokens or authentication tokens, security tokens are small physical devices that the user keeps with them, and they generate a new code every time the user needs to access the network. These essentially work the same way as an authenticator app on a smartphone. A security token often requires a PIN to log in to the service and may come in the form of a pocket-sized key fob, dongle key, or a USB stick.

What you are –

  • Biometrics. Biometric-based MFA falls squarely into the inherence category. Passwords and tokens may be replaced or added with what you are—fingerprint authentication, retina or iris scans, face or voice recognition, and other biometric sensors.

Benefits of Multifactor Authentication

The benefits that MFA bring to the table are quite evident, particularly for end users. As mentioned previously, with the additional layer of protection afforded by MFA, accounts do not easily fall victim to cyberevents despite the high vulnerability of the password as a security measure. And it doesn’t stop there.

Implementing MFA across the organization also brings a number of businesses advantages, including:

  • Boosting security against cybercriminals. The company’s security is put in jeopardy as well when employees’ credentials are compromised due to weak security. While the importance of employee awareness and training regarding these issues can never be emphasized enough, it’s also good to know that IT managers have the option to beef up security without having to depend on employees’ actions.
  • Helping ensure regulatory compliance. In some situations, deploying MFA is no longer an option, but a standard for regulatory compliance. This is usually the case when managing or dealing with certain types of data and making remote connections, as well as in other specific instances.
  • Improving operational efficiency and employee productivity. Deploying MFA company-wide also has the potential to enhance employee productivity and boost efficiencies all around. With the reduced risk of compromised credentials (which could possibly pave the way for a data breach), employees have greater flexibility to work remotely, allowing them access to data and enterprise applications outside of the workplace. Further, this also means that even if an employee device is stolen or hacked, that extra level of security provided by MFA allows IT departments to put the appropriate countermeasures in place before the perpetrators can wreak too much damage.

Security Designed for Today’s Threat Landscape

If you’ve already implemented MFA measures in your organization—and even if you haven’t—it never hurts to have backup security protocols in place. In fact, it’s recommended that you do. Consider a cloud security posture management (CSPM) solution to safeguard your environment as well. I would encourage you to read our blog on cloud security and posture management tools and what they do. As it relates to MFA, CSPM tools help you set global MFA policies for your environment and then whenever that policy is violated, the tool will alert you and help you remediate that offense. This helps prevent scenarios where disgruntled ex-IT employees can nuke your AWS servers and cost you half a million dollars in contracts like happened recently at one company.

As organizations continue to adopt cloud services, and accumulate more information, the risk of a data breach has never been higher. This is where the more complex security measures, such as multifactor authentication, can prove to be highly valuable in protecting your data, users, and company as a whole. If your business has yet to reap the security and productivity benefits that MFA offers, then there’s no better time to start than now.

If your company has data stored in the public cloud, how confident are you that it is secure and compliant? #poll #cloud #cybersecurity @awscloud @Azure @GCPcloud

When you play the Game of Code, you win or you lose — maybe not your head, but money, clients and potentially, your business. Join us for a security demonstration that takes you behind enemy lines and shows you how a hacker can infiltrate your system.
https://t.co/CAzJmCsAir

"Eighty-seven percent of surveyed CEOs report they are investing in cybersecurity as a way to build trust with customers and clients."
https://t.co/RbBTQKb7kN

Load More...
Follow Armor On Twitter
#####EOF##### Cloud Security Solutions for HIPAA Compliance - Armor

Simplify HIPAA Compliance

Armor cloud security solutions—audit-ready compliance in under 2 minutes

Simplify your life: Overcome your Health Insurance Portability and Accountability Act of 1996 (HIPAA) compliance challenges by securing your critical ePHI and PHI data workloads with Armor. Our Health Information Trust Alliance Common Security Framework (HITRUST CSF) certified security solutions provide inherited compliance controls to cloud-ready organizations.

This means easier audits and, most important, security for the data that needs it most.

How Armor Helps Clients Become HIPAA Compliant

HITRUST CSF-Certified Solutions: Armor is certified by the Health Information Trust Alliance Common Security Framework (HITRUST CSF); A framework designed to simplify HIPAA compliance requirements by providing prescriptive compliance guidelines.

Inherited Compliance Controls: Our managed security solutions were built to address the risk-based nature of HIPAA compliance and pass their compliant status to customer data.

HIPAA Compliance Support: Our security team provides 24/7/365 customized, hands-on support to help you overcome any compliance challenge.

Security-Driven Compliance: True cloud security is more than just a checklist; it’s about letting compliance be an outcome of a security program, not its goal. Our approach to security does just that: proactive cybersecurity powered by the experts in our 24/7/365 security operations center (SOC).

Our cloud security solutions were created to simplify compliance—minimizing HIPAA-related anxiety and preventing breaches of patient information. We did this by taking a security-first approach and building security measures into our infrastructure. Ensuring the entire environment not only meets compliance requirements but provides a level of security compliance doesn’t attain. Security is the goal, compliance is an outcome.

AWS Cloud Formation Template

Our CloudFormation Template allows customers to reliably and consistently spin up the basic client/server architecture necessary to run web applications in AWS in a way that is in-line and consistent with the HITRUST guidelines for implementing HIPAA in the cloud.

Datasheet

Armor cloud security solutions were designed to fulfill all requirements for HIPAA compliance. Armor itself is HITRUST CSF certified. For more information, take a minute to read Armor for Healthcare Data in the Cloud to get an in-depth look at our healthcare data security apparatus.

What is HITRUST CSF?

Since HIPAA is more risk-based as opposed to a prescriptive set of security controls the Health Information Trust Alliance collaborated with health care and information security leaders to develop the HITRUST Common Security Framework (CSF).

The HITRUST CSF provides an actionable and scalable framework around HIPAA guidelines that organizations can follow to when managing compliance for their ePHI and PHI data.

Armor solutions are certified against HITRUST CSF and pass that status on the data workloads and applications they protect.

HITRUST CSF Whitepaper

HITRUST CSF certified organizations can better manage their assessments and consolidate evidence collection. Download the whitepaper to learn more about the HITRUST certification goals and requirements.

Inherited HITRUST CSF Controls

Armor customers benefit from inherited HITRUST CSF controls just by securing their data workloads and applications with our HITRUST CSF-certified solutions. This means streamlined audits and cost savings for organizations without robust cloud security programs.

Click on the tabs below to see key HITRUST CSF controls addressed by our solutions:

Armor Security ServicesHIPAA/HITECH ControlsHITRUST CSF v8 Controls Required for CertificationRisk Mitigation
Intrusion DetectionSecurity best practice – implied control under 164.306(A)09.mMalicious allowed traffic
Internal Network Vulnerability ScanningIncluded in §164.308(a)(1)10.mExploits due to missing patches/updates; improper network firewall configuration
File Integrity Monitoring§164.312(e)09.ab, 10.hMonitoring unauthorized changes to critical files
OS Patching/UpdatingSecurity best practice implied control under 164.306(A)10.mOS weaknesses Malware Protection
Malware Protection§164.308(a)(5)(ii)(B)09.ab(HT4), 10.hCompromise due to virus/malware infection
Log Management§164.308(a)(1)(ii)(D), §164.308(a)(5)(ii)(C), §164.312(b)09.aa, 09.ab, 09.acDetection of malicious activity

*Please note that the above table does not represent all HITRUST controls nor those covered by Armor. View the full compliance matrix for additional information.

View the entire Armor Anywhere HITRUST Compliance Matrix.

Armor Security ServicesHIPAA/HITECH ControlsHITRUST CSF v8 Controls Required for CertificationRisk Mitigation
IP Reputation Filtering§164.308(a)(1)(ii)(A)09.mActivity from known bad sources
DDoS MitigationSecurity best practice implied control under 164.306(A)09.m, 09.h (included in Level 2 implementation)Loss of availability due to high volume of malicious activity
Web Application FirewallSecurity best practice – implied control under 164.306(A)09.mApplication layer flaws and exploits
Intrusion DetectionSecurity best practice implied control under 164.306(A)09.mMalicious allowed traffic
Network Firewall (Hypervisor-Based)Security best practice implied control under 164.306(A)01.m, 01.o, 01.w, 09.mUnwanted network connectivity
Secure Remote Access (Two-factor authentication)§164.312(d), §164.312(a)(2)(iii)01.j, 05.i, 09.sUnauthorized remote use of administrative access
Secure Remote Administrative Access§164.312(d)01.j, 05.i, 09.m, 09.sDisclosure of administrative credentials
OS Patching/UpdatingSecurity best practice implied control under 164.306(A)10.mOS weaknesses Malware Protection
Malware Protection§164.308(a)(5)(ii)(B)09.ab, 10.hCompromise due to virus/malware infection
Log Management§164.308(a)(1)(ii)(D), §164.308(a)(5)(ii)(C), §164.312(b)09.aa, 09.ab, 09.acDetection of malicious activity
Physical Security§164.310(a)(2)(i), §164.310(a)(2)(ii), §164.310(a)(2)(iii), §164.310(a)(2)(iv)08.b, 08.d, 08.j, 09.ab, 09.qPhysical theft or compromise of data

*Please note that the above table does not represent all HITRUST controls nor those covered by Armor. View the full compliance matrix for additional information.

View the entire Armor Complete HITRUST Compliance Matrix.

Armor Compliance Expertise: HIPAA

Armor is HITRUST CSF certified. We are HIPAA compliance experts. In fact, HITRUST chose us to secure their MyCSF application. Why wouldn’t you choose the security provider trusted by HITRUST itself? Seems like a no-brainer—plus, you’re compliant the day you entrust your security needs with Armor.

Leverage that HIPAA compliance expertise to overcome any compliance challenge. We provide 24/7/365 hands-on support for your internal teams tasked with managing HIPAA-regulated data and compliance. Relying on our proven security talent is the most direct way to increase your cloud security proficiency without adding to headcount or purchasing and integrating DIY tools.

Our talent and best-of-breed security technologies culminate in a heightened level of cloud security and compliance that only Armor can deliver.

Extend your security team

  • Our CISO is Your CISO: Extend your cloud security roster with proven security talent. We streamline audits and assessments with hands-on expertise and guidance through any HIPAA and HITRUST CSF cloud compliance challenge.
  • Certifiable Cyber Security Badasses: The individuals in our security operations center (SecOps) have a combined 60 cyber security certifications.
  • Proven Cloud Security Results: Our SOC managed more than 4,800 security incidents and analyzed more than 771 billion logs in 2016.

Learn more about extending your security team.

#####EOF##### Webinar | At the Gates of the Cloud: The Mindset of Small & Medium-Sized Enterprises - Armor
Loading Events

April 17

10:00 am - 11:00 am

Webinar | At the Gates of the Cloud: The Mindset of Small & Medium-Sized Enterprises

Virtual Event

What are real practitioners at small and medium-sized enterprises (SMEs) doing with their cloud infrastructures and cybersecurity programs, and why are they doing it? Our newest report commissioned in partnership with the 451 Research group dives into these questions – providing a unique lens of “on the ground” experiences and opinions. From our findings, it’s clear that many SMEs have shown an increased awareness of cyber risk and the impact a breach could have on their organizations. However, big decisions regarding the right cybersecurity strategy still loom ahead.

Join Armor’s Chief Technology Officer Josh Bosquez to learn:

  • What investments are being made in cybersecurity and cloud
  • The challenges and cybersecurity incidents impacting SMEs
  • A renewed approach to achieving optimal security
Register Now
#####EOF##### Partner Lead Submission - Armor

Armor Guardian Partner Portal

This content is password protected. To view it please enter your password below:

#####EOF##### Site Map - Armor

Site Map

XML Sitemap
#####EOF##### Armor Privacy and Acceptable Use Policy
#####EOF##### Armor Automated Security and Compliance – RedLock - Armor

Cloud Misconfiguration: The “Accidental” Security Risks in the Cloud

As organizations migrate applications and data to the cloud, they are realizing that many of their staff lack cloud security expertise. The cloud represents a fundamentally different approach to computing and the security differences between the cloud and traditional on-premise infrastructures are night and day. Because of these differences in computing, your staff is likely to make mistakes that result in configuration errors in your cloud. While not intentional, these mistakes will be costly to businesses as they look to secure their data in the cloud. Below are some stats that highlight this risk:

Sign up to request a free security and compliance assessment

Introducing Armor Automated Security and Compliance – RedLock

Securing the Accidental and Intentional

In order to solve the risks associated with how your employees are using and configuring the cloud, Armor has partnered with RedLock®, a continuous cloud security and compliance posture management solution for hybrid and multi-cloud environments and is from Palo Alto Networks, to launch: Armor Automated Security and Compliance – RedLock. This offering combines the RedLock and Armor Anywhere offerings to reduce security incident response times resolving both the accidental and intentional security threats to your cloud environment. With the RedLock offering, Armor is able to help clients resolve any configuration missteps (i.e. leaving cloud storage open to the world, exposing an application to the public internet, not enforcing IAM rules, etc.) with how they are using the cloud that might leave their environment vulnerable to breach. Armor Anywhere takes this service a step further by providing threat detection and response against intentional attacks against your environment by threat actors (i.e. intrusion detection, file integrity monitoring, malware protection). Combined, the offering protects against accidental and intentional threats to your cloud environments.

Delivering on the Promise of Continuous Security and Compliance

Armor Offers a FREE Initial Security and Compliance Assessment for your Cloud Posture

Get started with Armor’s Automated Security and Compliance – RedLock offering by taking a free security and compliance assessment to get a baseline reading of your cloud security and compliance posture. Armor offers a free assessment for one of the following standards:

  • CIS v1.2.0 (AWS)
  • GDPR
  • HIPAA
  • ISO 27001:2013
  • NIST 800-53 Rev4
  • NIST CSF
  • PCI DSS v3.2
  • SOC 2

Armor Automated Security and Compliance – RedLock: How it Works

After your initial free assessment, organizations will purchase Armor Automated Security and Compliance – RedLock so they can continuously monitor security and compliance violations of one or many of the above standards. The diagram below shows how the offering works to deliver on the promise of continuous compliance and security monitoring within your environment; this product allows you to manage risk within your environment based on your business requirements, the latest threat intelligence and regulatory and best practice standards.

With Armor Automated Security and Compliance – RedLock you Can:

  • Identify your cloud environment footprint and monitor for the creation of new instances or buckets (i.e., shadow IT).
  • Provide policy visibility and ensure consistent enforcement across multiple cloud providers.
  • Scan your compute instances for misconfigurations and improper settings that could leave them vulnerable to exploitation.
  • Scan your storage buckets for misconfigurations that could make data accessible to the public.
  • Audit for adherence to appropriate compliance mandates.
  • Perform risk assessments vs. frameworks and external standards such as the International Organization for Standardization (ISO) and National Institute of Standards and Technology (NIST).
  • Verify that operational activities are being performed as expected (e.g., key rotations).
  • Automated remediation—or remediation at the click of a button.
  • Host-based security controls (FIM, IDS, Malware Protection, Vulnerability Scanning) to protect against intentional attacks against your environment from threat actors.
#####EOF##### A Cloud Security and Compliance Solutions Company - Armor

Armor,

Making Cloud Security Simple.

I want to learn more about __________

We Protect

Armor’s threat prevention and response platform blocks 99.999% of security events, they never even get close to your network’s perimeter.

We Detect

The industry average is 125 days to detect and eliminate a threat.
Armor’s average? Less than a day.

We Respond

Most cloud security companies stop at sending an alert. At Armor, we stop at eradication.

Armor Management Portal

AMP up your Security

  • Unified Visibility and Control
    All security alerts across the host, network, and application layers of your on-prem, hybrid, private, and public cloud environments aggregated and correlated for you in easy to understand security insights and remediation actions. Reduce alert fatigue, remediate true security incidents, and maintain a proactive security posture with Armor, so you can focus on what really matters, growing your business. Learn More
  • 2 Minute Security Protections, Any OS
    Easily deploy host-based security and compliance controls for every workload in your environment. Use Armor within your CI/CD pipeline to deploy security proactively with every workload. Developers like to move fast and innovate, using the cloud to their advantage. With Armor you can ensure your developers enjoy the benefits of elasticity, scale, and cost in the cloud while staying secure and compliant. Learn More
  • Robust Log and Data Management
    Data is the lifeblood of today's digital era. Your data is often the path to uncovering vulnerabilities in your cloud environment, creating an audit trail of employee actions to ensure security policies are being followed, and finding the trail of a hacker in an incident forensics and response investigation. Use Armor's robust log management capabilities to capture security logs from your environment, PaaS, application, and security appliance logs. Retain logs to meet HIPAA and PCI mandates. Learn More

A Simple Solution to Complex Security Problems

1.011T+
events analyzed per month and growing

99.999%
of security threats blocked
 

6000+
priority incidents conducted annually

Community insights from
1,200+
customers globally

0
hardware appliances deployed

0.71 day
dwell time versus 100+ days industry average

100%
audits pass rate
 

286%
ROI over 3 years with payback in 4 months

What Goes Into Simplifying Cloud Security

ARMOR’S THREAT PREVENTION AND RESPONSE IN ACTION

COMMUNITY-POWERED INSIGHTS

Leverage the collective knowledge of more than 1,200 client environments.

ADVANCED ANALYTICS & CORRELATION

Discover anomalies and patterns across your security ecosystem.

Threat Intelligence

Apply intelligence and context to better understand the threat.

Continuous Threat Hunting

Uncover targeted threat indicators and potential threat actors operating within your environment.

Orchestration

Playbooks accelerate response and automate repetitive tasks and workflows.

FORENSIC RESEARCH & INVESTIGATION

Consolidated and intuitive search, analysis and investigation of events.

BREACH RECOVERY

Ensure data protection and availability of workloads.

Brand Reputation

Extend security beyond your network boundaries by monitoring the dark web for threat activity against your company.

CONTINUOUS RESPONSE

Respond and resolve security threats faster across cloud workloads, on premises, and hybrid IT environments.

Armor Events

Thought leadership and unique experiences presented by Armor

Armor educates, entertains and engages with the community through a variety of events. Join for a speaking session, stop by our exhibitor table, or tune in to one of Armor’s webinars to witness our security experts in action.

Events

Apr 172019

Webinar | At the Gates of the Cloud: The Mindset of Small & Medium-Sized Enterprises

Rachel Chism Image

Rachel Chism

Apr 42019

Learnings from Analysis of 11 Major Misconfiguration Incidents

| Senior Product Marketing Manager

As we continue to discuss Cloud Security Posture Management (CSPM) tools as they evolve in the marketplace and within our own portfolio, it’s also necessary to consider why they’re important. With that in mind, let’s take a look at some context on major data breaches making headlines over the past couple of years, including Dow […]

David Lorti Image

David Lorti

Senior Product Marketing Manager

David Lorti is a Senior Product Marketing Manager at Armor. He is responsible for market and competitive analysis, sales enablement and go-to-market for new Armor offerings related to Armor’s Armor Anywhere solution. He has long-standing experience in the cybersecurity and technology industry launching cloud security and managed security, security and risk consulting, threat intelligence and incident response offerings. He graduated with a Masters of International Management from Thunderbird School of Global Management and a Bachelor of Arts from Arizona State University.

Armor Blog

CYBER SECURITY & THREAT INTELLIGENCE FROM THE EXPERTS AT ARMOR

Every week, the Armor blog provides analysis, thought leadership and actionable insights for a variety of cloud security topics and news. Our experts keep you informed and ready for cyber threats as they emerge. Stay tuned, and secure.

#####EOF##### Threat Intelligence Articles - Armor

Threat Intelligence Articles

Threat Intelligence Articles

Threat Intelligence Articles

Armor Detects and Neutralizes 681 Million Cyberattacks Launched at its Cloud Customers in 2018

If you think that hackers aren’t going after organizations’ data being hosted in the cloud, well think again. Armor, a leading cloud security solutions provider which protects the informational assets of 1,200 cloud clients globally, reported that during 2018 they detected and neutralized over 681 million cyber attacks being launched at its clients. Read more on the report.

Amy Bakameyer Image

Amy Bakameyer

Threat Intelligence Articles

Threat Alert – Armor Warns Online Retailers of Increased Attacks

Threat Alert – Armor has found what it believes to be the first Magecart-style (credit card sniffing) attack tool to be openly offered for sale on the Dark Web.

admin Image

admin

Threat Intelligence Articles

Threat Intelligence Brief – Q1 2018

In April, we released the much-anticipated Black Market Report, based on three months’ worth of Dark Web research from Armor’s Threat Resistance Unit. The report features some scary information, like how much your personal data is worth and how cheap cybercrime-as-a-service can be.

admin Image

admin

Threat Intelligence Articles

Threat Intelligence Brief – September 2017

TECH TALK Locky Ransomware With the media frenzy of the WannaCry and Petya ransomware events earlier this summer, you’d be forgiven for forgetting about Locky. However, this ransomware variant continues to be a serious threat even a year after its release. Case in point, three major botnet spam campaigns delivered Locky variants in April and […]

admin Image

admin

Threat Intelligence Articles

Threat Intelligence Brief – August 2017

TECH TALK With email phishing’s continued popularity and effectiveness, it’s important that we expand on last month’s topic with an overview of email header analysis. Analyzing email headers can help you determine if the email is spoofed, or manipulated so that the source of the email appears to be from a familiar source. Spoofed emails […]

admin Image

admin

Threat Intelligence Articles

Threat Intelligence Brief – July 2017

TECH TALK Threat Actor Phishing Reconnaissance The Shadow Brokers showed no signs of slowing down in June. In fact, it was quite the opposite as they launched the “Data Dump of the Month Club.” So, not only are they not slowing down, they’ve created a profitable subscriber-based business model. We attempted to highlight several key […]

admin Image

admin

Threat Intelligence Articles

Threat Intelligence Brief – June 2017

TECH TALK Minimizing damage from the next WannaCry The recent use of the Shadow Brokers’ leaked tools in recent malware campaigns ( Wannacry /Adylkuzz Botnet/EternalRocks) has highlighted a dirty little secret in the IT world: The continued reliance on unsupported, past end-of-life or unpatchable servers. These legacy systems create easily exploited holes in a corporate […]

admin Image

admin

Threat Intelligence Articles

Threat Intelligence Brief – May 2017

THIS MONTH’S THREAT: News Alert: WannaCry Ransomware By now, you’ve likely seen headlines about the global ransomware attack that has affected 230,000 users in nearly 150 countries and knocked the likes of UK’s National Health Services (NHS), Spain’s Telefonica and FedEX out of commission. The attack utilized multiple exploits and post-exploitation tools based on alleged […]

admin Image

admin

Threat Intelligence Articles

Threat Intelligence Brief – April 2017

THIS MONTH’S THREAT: Authentication Attacks Despite the increasing sophistication of threat actor tactics, authentication attacks still remain the most successful attack vector – fueled by the prevalence of weak passwords. It’s hard to believe weak passwords are so prevalent given the intense focus on data breaches. In fact, the most common passwords in the 2016 […]

admin Image

admin

Threat Intelligence Articles

Threat Intelligence Brief – March 2017

THIS MONTH’S THREAT: Improper Patch Management Engineering a completely secure product is almost impossible: Some bugs will still get through regardless of how robust an internal testing regimen is. That’s the nature of the software business. With time and effort, security researchers, admins, users and hackers find vulnerabilities within software that can compromise the integrity […]

admin Image

admin

#####EOF##### Armor Malware Protection - Armor

Malware protection can save you

Keeping intruders out of your environment saves you time, money, and your reputation

Traditional methods of cybersecurity may not include malware protection—a necessity in today’s rapidly evolving cyberthreat landscape. Malicious software (malware) in your network can lead to account compromise, data theft, and possibly access to even more sensitive data in your environment. Any of those incidents can cause network outages, cost vast sums of money to remediate, and devastate a sterling company reputation and earned goodwill.

Today’s sophisticated threats require an approach that blends threat protection strategies and applies the right technique at the right time. Armor’s malware protection service provides an additional layer of detection for indicators of compromise (IOC) or a breach of your environment.

ARMOR MALWARE PROTECTION DELIVERS

  • Unified protection across your cloud, on-premise, hybrid, container, and hosted environments through correlation of malware events with other security controls under our management.
  • DevOps-friendly integration into the continuous integration and continuous delivery (CI/CD) pipeline
  • Audit-ready IT environments that meet compliance regulations and industry guidelines spanning the datacenter and cloud: PCI DSS, HIPAA, DFS-500, ISO, and GDPR.
  • Access to time-tested security and compliance experts who monitor your environments 24/7/365.
  • Go beyond simple alerting—beyond compliance—and respond to incidents faster.

DevOps: The Masters of the Continuous Integration & Continuous Delivery Pipeline

Building better applications that meet the speed and demands of your organization is what drives a successful DevOps practice. Having effective security controls such as malware protection is an important part of an integrated and automated pipeline. Malicious software can derail you from doing what you do best (building and deploying applications) and cause headaches when compliance and security teams get involved. Armor’s malware protection is a built-in security control that helps you integrate security into your CI/CD pipeline with API-first tools and resources.

Armor Malware Protection

Armor malware protection monitors your hosts 24/7/365 for anomalous and unauthorized activities that indicate potential threats. The malware protection service provides detection of and protection against malware. Our malware protection application deploys the application agent with the Armor agent.

Diving Deeper: Malware

Kevin Dickinson | Head of Incident Response and Forensics

In 1971, Creeper, perhaps the earliest documented occurrence of malware, was created in an experiment designed to test how a program might move between computers. Fast forward to 2018, and the seeds planted in that experiment decades ago have grown into something far more dangerous […]

Malware Features

  • Extended Visibility
    The Malware Protection service's status rolls up into the PDR scores. The dashboard displays both Protect and Detect scores require an operable service.
  • Malware Scanning
    In the Malware Protection screen, the dashboard displays the various malware protection statuses of your virtual machines (or instances): Green indicates a virtual machine in a Secured Malware Protection status. Yellow indicates a virtual machine in a Warning Malware Protection status. Red indicates a virtual machine in a Critical Malware Protection status.
  • Filter out the noise
    Scan results are categorized by criticality so your security team can focus on fixing the indicators of compromise most likely to open your environment to threats.

WHY USE ARMOR

CHECK OUT WHY CUSTOMERS TRUST ARMOR FOR THREAT DETECTION, INCIDENT RESPONSE, AND COMPLIANCE MANAGEMENT.

#####EOF##### Meltdown CPU Vulnerability: Securing Your Data - Armor

Update 2018-01-17 – Additional Updates will post as new information becomes available.

Armor-Specific Notes

Armor client utilizes Trend DeepSecurity for antivirus. Armor has deployed the necessary updates to DeepSecurity, and all Operating Systems can be patched.

Armor is powered by VMware ESXi, which is not vulnerable to the Meltdown vulnerability. Per VMware: “…Rogue Data Cache Load (CVE-2017-5754), was disclosed along the other two issues. It does not affect ESXi, Workstation, and Fusion because ESXi does not run untrusted user mode code…”

Updates

IMPORTANT: Those with encryption software installed on their system should check with the encryption vendor to ensure compatibility before installing any operating system patches, or significant data loss and/or downtime can occur.

IMPORTANT: Many vendors have released and recalled patches and updates due to major issues after updating. Check with your vendor on recommendations before patching, and as always make sure you test before implementing to production.

Both software and hardware need to be updated to address the vulnerability, including patching all affected operating systems, including host and any VMs.

Overview

The announcement of critical flaws in CPUs produced by Intel, ARM and AMD sent shock waves through the world as we are dependent on them in our day-to-day lives. Researchers have now confirmed three variants of CPU vulnerabilities named Meltdown (variant 3) and Spectre (variant 1&2). The vulnerabilities could potentially allow threat actors to access sensitive data in protected memory by bypassing critical security controls. 

The vulnerabilities are present in Intel processors produced in the past decade and some since 1995, as well as some CPUs manufactured by AMD and ARM. This in turn affects any systems running on those processors. 

Microsoft released patches to plug Meltdown and certain use-cases of Spectre for supported Operating Systems.

VMware ESXi is not affected by Meltdown, per VMware statement. 

Below information is specific to Meltdown, see the Spectre FAQ for information related to Spectre

Synopsis of the Meltdown problem

Many modern processor architectures perform speculative execution. Speculative execution is an optimization technique wherein an operation is performed before it is determined whether or not the operation is necessary in order to reduce program execution times.

There are many kinds of speculative execution, but this issue occurs with operations that attempt to load kernel assigned memory space. While the read is successfully blocked (preventing the program from just reading and directly displaying the kernel contents), processor caches and state are still changed. By utilizing a side-channel attack, kernel memory contents can be derived.

Armor has not observed any active exploitation. Our Threat Resistance Unit (TRU) is actively watching for any indications of exploitation, and we will post an update if any are observed. 

  • Any machine running an Intel chip made in the last 20 years other than Intel Itanium and Intel Atom before 2013.
  • ARM has released a list of products affected by Meltdown.
  • Apple hardware, aside from the Apple Watch, is affected by Meltdown.
  • AMD has stated that their processors are not affected by Meltdown.

At this point, it appears the majority of operating systems running on top of the affected CPUs are affected by this vulnerability. You can confirm directly with your operating system vendor.  

VMware ESXi states they are not vulnerable to Meltdown (CVE-2017-5754)per VMware.

The patch involves separating the kernel’s memory space completely from user processes. 

A list of available updates can be found at the bottom of meltdownattack.com.

  • Implementing the fix to separate the memory spaces will likely have a performance impact on the systems, though the performance hit will be determined by the type of work occurring on each system and hardware in use.
  • The impact is expected to be reduced on newer Intel processors with process-context identifiers enabled.
  • Many antivirus programs are preventing the installation of the patch. If you experience problems installing updates to your operating system, check with your antivirus vendor for instructions.
  • Per Microsoft, “Customers will not receive the January 2018 security updates (or any subsequent security updates) and will not be protected from security vulnerabilities” unless the installed antivirus is set as compatible on the system.

Please read the associated advisories from software and hardware vendors to determine potential performance impact following the updates.

Any system that allows execution of custom code affected by this vulnerability. Even if not directly affected, virtual machines or containers operating as network devices (such as Cisco) can be targeted if the hosting environment is vulnerable. A list of available updates can be found at the bottom of meltdownattack.com.

Both software and hardware need to be updated to address the vulnerability, including patching affected operating systems, both host and VM.

  • Cloud providers using affected hardware without mitigating patches applied are vulnerable. Even cloud providers without real hardware virtualization, relying on containers sharing one kernel, such as Docker, are vulnerable if not patched.
  • Microsoft has patched the Azure infrastructure at the hypervisor level and is not requiring customers to patch their virtual machines for Meltdown protection, however patching is still strongly advised. (note: this patch guidance from Microsoft applies only to Meltdown. See the Spectre FAQ for Spectre response).
  • Amazon AWS has stated that it’s already protected “nearly all AWS instances” although customers will still have to patch the guest operating systems to guard against compromise within a single virtual machine.
  • Per Google: “Google Cloud is architected in a manner that enables us to update the environment while providing operational continuity for our customers.” Google is still requesting customers patch the guest operating systems for full protection.
  • Armor’s cloud infrastructure is not affected by Meltdown (See VMware comment above).

Reference CVE: 

  • CVE-2017-5754: Rogue data cache load (Meltdown)  

 

We will be monitoring the issue and will release updates as they are available.  

What you can do:

  • Inventory your network to look for vulnerable systems.
  • Confirm your antivirus is compatible with the updates.
  • Monitor vendor sites for patch availability for your installed operating systems. 
  • Test and apply patches when available. 
  • Scan patched systems after patch completion to confirm.  
  • Adhere to current security best practices.  
  • Be wary of any vendors claiming to address security risks for this newly announced vulnerability.  Until Intel and the operating system developers release further details, we cannot know for sure what mitigating controls could be used to reduce your risk.

Jan 52018

Meltdown: How to Protect Your Company

Every once in a while, there are days those of us in IT know will require extra cups of coffee to get through. The past few days have been among them, as revelations about critical vulnerabilities in microprocessors from Intel, ARM and AMD have caused quite a stir. Dubbed Spectre and Meltdown, these vulnerabilities could […]

Additional Links

Patching Status Matrix
See the latest available patches for your operation system(s). This matrix will continue to be updated as patches become available.

#####EOF##### Why Cloud Security Matters for Your Business - Armor

Why Security Matters

Is cloud security a priority for your organization?

If you’re one of the 80% of organizations that deprioritize cyber security, you likely have your reasons, such as:

  • Not enough budget allocated for security
  • You believe your cloud provider is responsible
  • You’ve met your compliance requirements and don’t want additional controls (i.e. believing that HIPAA compliance in the cloud is enough to keep your data secure.)

Regardless of your rationale, you’re putting you and your customers at risk by settling for a diminished level of protection for your cloud data.

Why Security Matters in the Cloud

These misconceptions can create significant deficiencies when combating cyber threats. The truth is, security has to matter for every cloud-ready organization for three reasons:

  • It helps prevent costly and damaging data breaches
  • Your cloud provider only manages part of your security
  • Being compliant isn’t enough

Understanding the reasons why is the first step toward defending yourself against increasingly sophisticated and very real cyber threats. Read below to learn why securing your cloud can’t be an afterthought.

Threat Intelligence Briefing

Keep up-to-date on the latest threats.

Worth the Investment

The true cost of a cyber breach

More than 1.3 billion records were breached last year. That’s 44 breached records every second –  up 84% since 2015. Healthcare and financial services were the most targeted, but every industry was affected, with technology, retail, government, and education organizations breached in 2016.

The true cost of a cyber breach is enormous. Data breaches not only put your customer’s information at risk, but they can damage your reputation. And, on top of lost revenue, there’s also insurance payouts ($3 million average), crisis services ($375K average), legal settlements ($815K average) and regulatory fines (two telecom carriers were fined by the FCC for $10 million in 2014).

So, it’s not a matter of IF a threat actor will target your network it’s a matter of WHEN. And, if they overcome your defenses, it becomes a race against time to limit the damage. Investing in your cloud security helps lower the chance of compromise and ensure that successful attacks are remediated quickly.

Take the first step toward prioritizing cloud security with the Armor Advisor tool. In 30 seconds, you’ll know the right security solution for your cloud.

Your Cloud Services Provider Won’t Do It For You

Understanding the shared responsibility model

It’s a common misconception that your cloud provider secures your data. While some providers offer security tools, the fact is, you’re responsible for everything operating on their cloud, such as data workloads and applications.

Your cloud provider is only responsible for securing the infrastructure powering your cloud, such as the data center, physical servers and cloud management platforms.

Armor Anywhere was developed to lower the burden of shared responsibility in any cloud, including public, private or hybrid environments. It easily integrates on top of your cloud-hosted data workloads and applications to provide a perfect balance of security, cost-effectiveness and cloud accessibility.

See how Armor Anywhere closes the shared responsibility gap for cloud-ready organizations.

Compliance Isn’t Enough

Why compliance is an outcome of security, not the driver of it

There’s no doubt that compliance is important. However, it’s only one outcome of cloud security and shouldn’t be mistaken as its driver. Compliance standards are static and don’t evolve as rapidly as cyber threats. So, instead of providing a comprehensive layer of protection, compliance essentially becomes the lowest common denominator of security requirements for cloud-ready organizations. The 2013 Target Corp. breach is a clear example of this challenge as they were declared PCI-compliant just two months prior to the breach.

Don’t make life easier for threat actors. The goal of every cloud security program should be achieving the highest level of reliable protection, instead of stopping your pursuit of security at HIPAA or PCI compliance in the cloud. Compliance should be the outcome of security, not its driver.

Learn more about the difference between security vs. compliance.

Get Serious About Cloud Security

Take the first step toward securing your cloud and hybrid workloads

With so many cybersecurity solutions and services available, it can be difficult to know where to start. Armor makes it easy.

This is where Armor stands apart.

As a born-in-the-cloud cybersecurity services company, we provide the services, talent and visibility needed to protect you in any environment. And the standard we’ve set for managed cloud security is simply unmatched.

It’s time to make cloud security a priority for your organization. Take the first step toward uncompromised cloud security with Armor.

Infographics

How To Secure Your Cloud

A secure cloud is defined by six essential cloud security elements that work to protect your data from malicious cyber threats. See how.

admin Image

admin

#####EOF##### Network Segmentation in the Cloud - Armor

Keeping Them Out of Your Vault: Network Segmentation in the Cloud

September 15, 2017

When does a breach become lethal?

Is it the initial compromise, possibly due to unpatched vulnerabilities? Or, is it the exfiltration of valuable data – when a compromise becomes a breach and potentially a headline in the news cycle?

Semantics aside, there’s another, often ignored aspect in the evolution from compromise to breach, one with the potential to determine the magnitude of a cyberattack; lateral movement. For the purposes of this article, lateral movement refers to unauthorized movement between connected systems within a cloud environment. If unchecked, it can spell the difference between annoyance and outright panic for an organization.

Preventing Lateral Movement in the Cloud

Active monitoring of your environment helps, especially if you can catch threat actors as close to the initial compromise as possible. There’s even a useful metric to determine the efficiency of compromise call dwell time. That’s all well and good, but doesn’t address the core facilitator of lateral movement, improperly configured – or non-existent – network segmentation of a cloud environment.

Think of it this way: A bank branch can set up robust security processes to monitor customer access and movement. However, if they leave the vault unlocked and easily accessible from the lobby, it only takes one slip up before someone strolls out of the branch with cartoonishly large bags of money.

I can only imagine that post-incident, the first question from the police would be along the lines of “why didn’t you close the vault?” It’s along the same line of questioning for business denizens in the cloud, which would be: “why isn’t your ‘vault,’ the area of your most valuable data, protected from unauthorized access?”

The Importance of Network Segmentation

Another, and more direct, way to frame this question is, “why isn’t your cloud environment segmented?”

Understandably, there is a multitude of reasons for why an organization might not adhere to network segmentation best practices – many of which are tied to the challenges and frustrations of cloud migration. It’s easy for network segmentation to slip on the priority list when you’re still wrapping your head around the shift from on-premises to cloud resources. However, as we’ve hopefully made painfully clear, it can’t be ignored when orienting the security and control of a cloud environment.

Considering the differences and similarities is the first step to knowing how to implement them– both of which we cover below.

How Network Segmentation is Different in the Cloud

When implementing network segmentation for traditional networks, firewalls are the essential technology. Most segmented networks utilize redundant external firewalls that strictly regulate traffic via firewall rules. Within the network, there are internal segmented firewalls (ISFWs) and ACLs (Access Control Lists) that control which users can gain access to particular network segments. Physical appliances such as external firewalls, internal routers, and switches are also critical.

Network segmentation in the cloud operates on similar principals but necessitates a different method of implementation. Many cloud infrastructures rely on software-defined networking (SDN). With the SDN approach, network access is controlled via software applications such as OpenFlow, which works in conjunction with virtualized firewalls.

In a traditional structure, physical routers and switches would carry out these same functions.

But despite the different infrastructure, the basics of network segmentation remain the same. Within the cloud—and all virtual appliances that are part of the network—users should implement ISFWs between different network segments. Experts recommend installing ISFWs between different trust zones within the network. So if a network segment (such as a particular application) requires a different trust level than another segment, an ISFW should be implemented between the two. This allows organizations to grant access to users as needed without the risks of a fully open network.

Best Practices for Network Segmentation

There are many best practices to keep in mind when implementing network segmentation in the cloud, these include:

  • Understand the SDN methods utilized by your cloud provider, as well as the method utilized by any outside cloud-based applications. Their methods will determine your segmentation requirements.
  • Familiarize yourself with the network segmentation tools offered by your cloud provider. AWS, Azure, and other reputable cloud providers offer users a range of segmentation features. AWS, for example, allows users to create subnets, which are sub-networks within the larger virtual cloud. Subnets may be set to public, private, or protected.
  • While we talk of the cloud, that term is somewhat misleading. In some cases, it may be beneficial to host particular data and applications on separate Virtual Private Clouds (VPC). AWS allows users to create multiple VPCs from the same account.
  • Make use of tools that allow you to control network traffic. Most virtualization platforms provide specialized tools that allow management and production traffic to be segmented.
  • You can also utilize switch-based network segmentation in the cloud. There are different ways to deploy VLAN tags in order to segment your network. Private VLANs (PVLANs) can also be deployed in certain circumstances.
  • Don’t overlook higher-level segmentation: segmentation that regulates which IP addresses can access network segments. There are many tools available to do this, including firewall rule sets and load balancers.

Taking Network Segmentation Seriously

These best practices, as well as a firm understanding of network segmentation in the cloud, is the best way to avoid an uncomfortable situation where a post-breach auditor asks why you didn’t prevent lateral movement by at least “locking the vault.”

Maximizing your security investment starts with hiring the right talent, harvesting data, spotting trends in logs and more.
https://t.co/dTrVAPjnX2

We’ve identified 11 major cyberincidents that involved a #cloud #misconfiguration and resulted in data exposure. In this #blog are 3 major findings from our analysis:
https://t.co/MXLuH5DLyD

If your company has data stored in the public cloud, how confident are you that it is secure and compliant? #poll #cloud #cybersecurity @awscloud @Azure @GCPcloud

Load More...
Follow Armor On Twitter
#####EOF##### Cloud Security: The Honeypot Project - Armor

Cloud Security: The Honeypot Project

Cloud Security: The Honeypot Project

Effectively leveraging the cloud is not just about migrating data and applications. Security must travel into the cloud as well. As businesses have embraced cloud computing, attackers have turned their attention to cloud environments as well. In conjunction with Crusade Partners, Armor conducted a honeypot experiment to observe what the threat landscape can be like for small and midsized businesses. It didn’t take long for attackers to demonstrate just how challenging the situation can be. Almost immediately, attack activity began. Now as much as ever, it is critical for businesses to take a defense in-depth approach to cloud security that takes advantage of native controls, security best practices and additional security technologies and services that can detect, prevent and respond to the threats that can impact your cloud environment.

#####EOF##### Privacy Statement - Armor

Privacy Statement

Effective Date: 1/15/2019

TRUSTe

Armor Defense Inc., (“Armor” or “we” or “us” or “our”) is committed to protecting the privacy of its customers (“customers” or “you”).  This Privacy Statement describes how we collect, utilize, distribute and protect personally identifiable information you provide to us through our website: www.armor.com and our service platform. It also describes the choices available to you regarding Armor’s use of your personally identifying information and the steps you can take to access, update and correct your personal information. The use of information collected through our service shall be limited to the purpose of providing the service for which the Client has engaged Armor.

For the purposes of this Privacy Statement, “customer” shall mean any past, present, or prospective user of Armor’s products or services, including any users of the Armor Website (the “Site”).

 
EU-U.S. Privacy Shield and Swiss-U.S. Privacy Shield

Armor has offices in the United States and the United Kingdom.  Therefore, it is possible that your information may be available to these offices.  To ensure adequate protection of the transfer of your personal information to these jurisdictions, Armor participates in and has certified its compliance with the EU-U.S. Privacy Shield Framework and the Swiss-U.S. Privacy Shield Framework.  We are committed to subjecting all personal information received from European Union (EU) member countries and Switzerland to the Framework’s applicable Principles. Armor is subject to the regulatory enforcement powers of the U.S. Federal Trade Commission.  To learn more about the Privacy Shield Frameworks, and to view our certification, visit the U.S. Department of Commerce’s Privacy Shield List. [https://www.privacyshield.gov]

Armor is responsible for the processing of personal information it receives under the Privacy Shield Framework, and may subsequently provide personal information to third parties to perform services on our behalf.  Armor complies with the Privacy Shield Principles for all onward transfers of personal data from the EU and Switzerland, including the onward transfer liability provisions.  That is, if we transfer personal information received under the Privacy Shield to a third party, Armor will obtain assurances from the third party that they will safeguard personal information in a manner consistent with our obligations under the Privacy Shield. We will remain responsible under the Privacy Shield for any failure to do so by the third party, unless we prove we are not responsible for the event giving rise to the damage.

Armor ’s adherence to the Privacy Shield may be limited in circumstances where Armor may be required to disclose personal information such as in response to lawful requests by public authorities, including to meet national security, public interest or law enforcement requirements, or as required by statute, government regulation, or court order.

If you have an unresolved privacy or data use concern that we have not addressed satisfactorily, please contact our U.S.-based third-party dispute resolution provider (free of charge) at https://feedback-form.truste.com/watchdog/request.

Under certain conditions, more fully described on the Privacy Shield website [https://www.privacyshield.gov/article?id=How-to-Submit-a-Complaint], you may be entitled to invoke binding arbitration when other dispute resolution procedures have been exhausted.

 

Personally Identifiable Information We Collect Information Provided by You

Armor receives and stores any information you provide to us through your use of our Site, the Armor products or services, including correspondence relating to customer support, or in any other manner. Such information includes, but is not limited to, contact details such as your first and last name, telephone number(s), physical addresses, mailing address, job title, email address, and log-in credentials (as applicable). You may choose not to provide certain information, but you may not be able to take advantage of many of our features.

Financial Information: Customers may be required to submit financial information such as first and last name, credit card number and billing address in order to receive certain services from Armor. Armor will not sell, share or rent any of your financial information, except as set forth in this Privacy Statement or as necessary to provide the services.

Automatic Information: Armor may collect and store certain information about your visits and interactions with our site that does not directly identify you, but is automatically received and recorded by us through use of “cookies.” We use cookies or similar technologies to analyze trends, administer the website, track users’ movements around the website, and to gather demographic information about our user-base. You can control the use of cookies by selecting the appropriate settings in your browser. If you choose to disable cookies, it may limit your use of certain features or functions on our website or service.

Additionally, as is true of most web sites, we gather certain information automatically and store it in log files.  This information may include internet protocol (IP) addresses, browser type, internet service provider (ISP), referring/exit pages, operating system, date/time stamp, and/or clickstream data.

We may combine this automatically collected log information with other information we collect about you.  We do this to improve services we offer you, to improve marketing, analytics, or site functionality.

For information Collected through our Service Platform: Armor collects information under the direction of its Clients, and has no direct relationship with the individuals whose personal information it processes. If you are a customer of one of our Clients and would no longer like to be contacted by one of our Clients that use our service, please contact the Client that you interact with directly. An individual who seeks access, or who seeks to correct, amend, or delete inaccurate data should direct his query to the Armor’s Client (the data controller). If requested to remove data we will respond within a reasonable timeframe.

We may transfer personal information to companies that help us provide our service. Transfers to subsequent third parties are covered by the service agreements with our Clients.

We will retain personal information we process on behalf of our Clients for as long as needed to provide services to our Client. Armor will retain this personal information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.

Social Media Widgets: The Site includes social media features, such as the Facebook button and other widgets or interactive mini-programs that operate on our Site. These features may collect information such as your IP address, which page(s) you are visiting on our site, and may set a cookie to enable the feature to function properly. Social media features and widgets are either hosted by a third party or hosted directly on our Site. Your interactions with these features are governed by the privacy statement of the company providing the applicable feature.

Behavioral Targeting/Re-Targeting:  We partner with a third-party ad network to either display advertising on our Site or to manage our advertising on other sites. Our ad network partner uses cookies and web beacons to collect non-personally identifiable information about your activities on this and other websites to provide you targeted advertising based upon your interests. If you wish not to have this information used for the purpose of serving you targeted ads, you may opt-out by clicking here (or if located in the European Union click here). Please note this does not opt you out of being served advertising. You will continue to receive generic ads.

However, even where a customer has opted out of receiving any marketing data, in order to fulfill our service obligations, Armor will continue to send emails regarding customers’ account administration or interruptions to the Services for system maintenance.

E-mail Communications: Electronic communications may be sent by Armor using customers’ personal contact information to provide information related to product offerings, important industry news or general services and upgrades provided by Armor. Armor may receive a confirmation when you open an e-mail from Armor.com if your computer supports such capabilities. Under no circumstances will we use this information for anything else not described in this Privacy Statement. All users may at any time opt-out of our marketing by clicking the Unsubscribe link located at the bottom of all marketing and customer notices or by submitting a General Inquiry at https://www.armor.com/contact-us.   However, in order to fulfill our service obligations, Armor will continue to send emails regarding customers’ account administration or service interruptions for system maintenance.

Information from Other Sources: We may collect information from other sources such as lead generating third party companies to correlate the information to your already submitted information. We do not do verifications on individuals’ personal information. All verification is at the business level, not the individual level.

How We Use Personal Information

Armor may collect information about you through your use of the Site or use of Armor products and services for several reasons, including:

How We Share Personal Information

We may share personal information with business partners, service vendors, authorized third-party agents or contractors (such as Google, Inc. or Adobe Systems Inc.) in order to provide the services.

Information collected from customers may be disclosed to independent contractors and business

partners who have agreed (i) to hold this information in confidence, (ii) not to use it for any purpose except to carry out the service they are providing on behalf of Armor, and (iii) only in the ways that are described in this Privacy Statement and security policies in the way this information is handled. We do not sell your personal information to third parties.

Armor may also disclose aggregate, anonymous data based on information collected from customers to actual or prospective investors and partners. Should a sale of Armor’s business ever occur, collected customer information may be transferred along with the sale but the information will be treated in the same manner as set forth in this Privacy Statement. In the event of any significant changes to the manner your information is handled, we would notify you by a prominent notice on the Site.

We may respond to subpoenas, court orders, or legal process by disclosing your personal information and other related information, to the extent necessary.

Sites other than Armor: While visiting Armor’s website you may be directed to content or functionality that is hosted by a third-party. When information is collected by these third parties exclusively on Armor’s behalf, Armor’s Privacy Statement govern how information is used. The Site may contain links to third-party websites. Please note that these websites’ privacy and other policies may differ from those of Armor. We strongly recommend that you review the privacy policies of any online service prior to submitting personally identifiable information. Armor has no control over and is not responsible for the information practices of other websites, including those to which we may link and those which may link to us.

Data Integrity and Security

Armor makes diligent efforts to maintain accurate information on our customers. Armor has put stringent security procedures in place to protect such information collected about our customers. We constantly monitor our systems, which are protected using industry-standard security measures. Transport Layer Security (“TLS”) connections are used to communicate to our system to protect customer financial information (such as credit card number or bank account information), as well as encrypting vital information that customers input through the Site. Although reasonable efforts are made to secure network communications and the Site, Armor cannot guarantee that the information submitted to, maintained on, or transmitted from our systems will be completely secure.  Therefore, we cannot guarantee its absolute security. If you have any questions about security on our Web site, you can contact us at privacy@armor.com.

Accessing/Updating/Correcting/Deleting/Transferring or Handling of your Personally Identifiable Information

At any time, you can request access to your personal information, request that any inaccuracies be corrected, and request that comments or explanations be added to records about you, by contacting us. You can also ask about:

Finally, you can ask us not to collect or use your personal information for certain purposes, you can ask us to delete your personal information, or you can ask us to provide your personal information to a third party.

Depending on which laws apply to your personal information, we may only be able to do some of these things for you. If you request one of these things and we refuse to do it, we will explain your legal rights, the reason for our refusal and any recourse you may have.  We will respond to your request without undue delay within 30 days.  Armor reserves the right to take reasonable steps to verify customer identity prior to granting access or processing changes or corrections.

We will retain your information for as long as your account is active or as needed to provide you services and to fulfill the purposes for which the data was collected.  We will retain and use your information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.

Our Commitment to Children’s Privacy

Protecting the privacy of the very young is especially important. For that reason, we never collect or maintain information on our Site from those we actually know are under the age of 16, and no part of our Site is structured to attract anyone under 16.

Conditions of Use, Concerns

By choosing to visit and interact with Armor, customers agree that their visit and any dispute regarding the protection of their privacy during such visit is subject to this Privacy Statement including, but not limited to, the provisions regarding limitations on damages and the application of the law of the state of Delaware.

Please note that if customers enter into other contractual agreements with Armor, privacy terms and conditions of such other agreements may supplement or supersede this statement. Questions and concerns about privacy at Armor should be directed to privacy@armor.com.

By Mail: Armor Defense Inc.
2360 Campbell Creek Blvd., Suite 525
Richardson, Texas 75082
+1 (877) 262-3473

Attn: Data Protection Officer

Revisions or Changes

Armor reserves the right to modify this Privacy Statement from time to time. If we propose to make any material changes, we will notify you by means of a notice on this page prior to the change becoming effective. We encourage you to periodically review this page for the latest information on our privacy practices.

#####EOF#####